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General  Mills 

Food  maker 
mixes  simple 
ingredients 
in  IT  shop 

■  BY  PHIL  HOCHMUTH 


Henry  David  Thoreau’s  adage 
“simplify,  simplify”  is  more  than  a 
saying  at  food  giant  General 
Mills;  it’s  a  religion. 

The  axiom  applies  to  almost 
every  aspect  of  the  company’s 
network  infrastructure,  from  ap¬ 
plications  in  the  data  center  to 
network  hardware  on  factory 
floors. 

“Our  philosophy  at  General 
Mills  is  to  have  one  system,  one 
platform,  one  architecture,” says 
Vandy  Johnson,  director  of  IS 
operations  at  General  Mills.“We 
try  to  do  things  that  are  both  very 
good  and  very  simple  to  do.” 

The  $10  billion  company  which 
has  more  than  300  sites  in  30 
countries  and  employs  27,000 
people,  operates  on  just  a  few 
main  ingredients:  HP  server  and 
LAN  hardware,  SAP  software  and 
a  dash  of  Cisco  routers. 

But  the  food  giant  isn’t  running 
a  vanilla  IT  operation.Among  the 
technologies  being  deployed  at 
General  Mills  are  a  802.1X-based 
infrastructure  for  wired  and 
See  General  Mills,  page  16 


■  BY  JOEL  SHORE 


devices,  but  had 

never  been  audited.  It  relies  instead  on  a  “high 
level  of  confidence  in  our  senior  engineers 
and  technicians,”  says  the  company’s  techni¬ 
cal  services  director.  The  idea  of  an  audit,  he 
concedes,  had  “come  to  mind  time  and  again.” 
Finally,  the  time  had  come. 

See  Security  audit,  page  67 


Only  a  security  audit  can  expose  the 
truth  about  a  network’s  vulnerability. 
To  see  how  well-prepared  a  typical  en¬ 
terprise  network  is.  we  found  a  busi¬ 
ness  willing  to  let  us  tag  along  while  a  profes¬ 
sional  auditing  company  poked  and  probed  28 
of  its  Servers,  and  then  delivered  its  findings 
in  a  face-to-face  meeting. 

The  results  were  frightening  —  and  should 
sound  the  alarm  for  IT  directors  everywhere. 
The  company,  a  major  New  England  medical 


EMC  deal 
highlights 
storage 
evolution 

■  BY  DENI  CONNOR  AND 
JENNIFER  MEARS 

Companies  looking  for  ways  to 
better  track  and  manage  an  ever- 
expanding  amount  of  digital  in¬ 
formation  should  pay  close  atten¬ 
tion  to  EMC’s  planned  acquisition 
of  Documentum  as  the  lines  be¬ 
tween  storage  and  content  man¬ 
agement  continue  to  blur. 

The  $1.7  billion  deal  an¬ 
nounced  last  week  highlights  the 
growing  role  that  content  cre¬ 
ation  and  archival  technologies 
are  playing  in  storage  systems,  a 
union  that’s  being  dubbed  infor¬ 
mation  life-cycle  management. 
EMC  has  been  positioning  itself 
as  a  leader  in  this  arena  — 
which  includes  HP  and  Veritas 
Software  —  and  in  July  shelled 
out  $1.3  billion  for  Legato 
Systems,  a  maker  of  life-cycle 
management  and  back-up  and 
recovery  software. 

The  acquisition  of  Docu¬ 
mentum  will  boost  EMC’s  infor¬ 
mation  life-cycle  management 
capabilities  —  provided  the  com¬ 
pany  successfully  can  integrate 
Documentum’s  expertise  —  by 
adding  document, records, digital 
See  EMC,  page  93 


What  users  want  from  Linux 


WISH  LIST 


■  BY  DENI  CONNOR  AND 
JENNIFER  MEARS 

Enhanced  system  management 
capabilities,  better  security,  sup¬ 


port  for  third-party  drivers  and 
more  unity  among  the  various 
distributions  top  user  wish  lists 
when  it  comes  to  Linux.They  also 
would  like  to  see  more  of  their 
peers  embrace  the  open  source 
operating  system  as  it  evolves  into 


a  platform  capable  of  supporting 
even  the  most-critical  layers  in  the 
data  center. 

“One  of  the  biggest  hurdles  that 
Linux  has  to  overcome  to  be  a 
bigger  player  in  the  enterprise  is 

See  Linux,  page  12 


CASH  BACK 


2003  BMC  Software  Inc 


3  SERVERS  ARE  ABOUT  TO  GO  DOWN 


ONE  OF  THEM  WILL  LOSE 
CUSTOMERS  PER  MINUTE 


CAN  YOUR  SOFTWARE  TELL  YOU  WHICH  ONE? 


vital  business  services  like  sales,  customer  service,  online 
transactions,  logistics  and  distribution — whatever  is 
most  critical  to  your  company's  success.  It's  enterprise 
management  software  that  works  with  your  existing  IT 
resources  to  let  you  manage  what  matters  from  a  business 
perspective  and  execute  with  precision.  Find  out  how  at 
www.bmc.com/bsm8 


Business  Service  Management  solutions  from  BMC  Software® 
can.  In  fact,  they  let  you  predict  critical  performance 
problems  and  resolve  them  before  they  ever  impact  your 
business.  And  you  can  prioritize  IT  management,  invest¬ 
ments  and  resource  allocations  to  optimize  your  business 
performance.  So  you  can  solidly  align  your  IT  investments 
with  strategic  business  goals.  And  protect  the  delivery  of 
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ARE  THE  SEVEN  DEADLY  COMPUTING  SINS 
IMPACTING  YOUR  INFORMATION  SYSTEMS? 


HH 


Freeware  and  shareware 
are  crushing  your  network. 

W  W 

Employee  desktops  are  out  of  control.  Turn  to 
Websense  Enterprise  to  save  your  systems 
from  the  viruses,  spyware  and  copyright  liability 
that  come  with  application  overindulgence. 

•  Block  access  to  freeware,  shareware  and 
P2P  sites 

•  Inventory,  manage  and  report  on 
desktop  applications 

•  Prevent  application  downloads  by  file 
type  or  protocol 

* 

With  market  leading  Websense  Enterprise 
software  (source:  IDC),  employee  hoarding 
won't  cause  anymore  help-desk  headaches. 

Just  download  a  free,  30-day  trial  of 
Websense  Enterprise  at  www.websense.com 


NASDAQ:  WBSN 
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8  Group  tries  to  steer  Utility  computing. 

8  Users  demand  single  spec  for  ID  management. 
10  Juniper  spearheads  effort  to  fortify  ’Net. 

10  Citrix  users  talk  turkey. 

11  Mitel  launches  voice-over-IP  apps,  hardware. 

15  Aruba  boosts  Wi-Fi  security,  remote  management. 

16  HP  plans  low-end  ProLiantS. 


Infrastructure 


■  21  General  Datacomm 
resurfaces. 


■  21  ClearCube  expands  reach  of 
PC  blades. 


■  22  Check  Point  gets  in 
appliance  business. 


■  22  Dave  Kearns:  Looking 
for  blame  in  all  the  wrong  places. 


Enterprise 

Applications 


■  25  Vendors  bolster  anti-spam 
packages. 

■  25  Westbridge  touts  Web 
services  access  tool. 


■  26  SSH  boosts  e-commerce 
security. 

26  Authentication  upgrade  on  tap 


from  Funk. 


■  26  Keynote  pack  manages 
streaming  media. 

■  28  SeeBeyond  improves  applica¬ 
tion  integration. 

■  28  CommVault  rolls  out  data- 
protection  software. 

■  28  Scott  Bradner:  Reach 
for  the  stupid  juice. 


Service  Providers 


■  31  Sprint  beefs  up  SLAs  on  data 
services. 

■  31  Start-up  offers  SSL  remote 
access. 

■  32  Nortel  converges  metro  nets. 

■  32  Johna  Till  Johnson: 

Teaching  service  providers  to  offer 
choices. 

■  34  Special  Focus:  ISPs 
ratcheting  up  anti-spam  efforts. 


Technology  Update 


■  61  IP  Centrex  reduces 
telephony  costs. 

■  61  Steve  Blass:  Ask  Dr. 

Internet, 


■  62  Mark  Gibbs:  Euphoric 
about  Euphoria. 

■  62  Keith  Shaw:  Cool  tools, 
gizmos  and  other  neat  stuff. 


Opinions 

■  64  Editorial:  Dressing  up 
COBOL  in  modern  garb. 


■  65  Robin  Layland:  A 

for  end-user  advocates. 


■  65  Winn  Schwartau: 

Achieving  secure  unwired  bliss. 

■  94  BackSpin:  Business 
process  insanity. 

■  94  'Net  Buzz:  Bloggers 
look  to  turn  back  a  familiar  foe: 
spammers. 


Management 

Strategies 

■  81  Bidding  down:  Online  tech¬ 
nique  for  purchasing  IT  goods  and 
services  saves  companies  time  and 
money. 

■  88  Career  classifieds. 


The  Treo  600: 


PDA,  Phone, 
camera,  Web 
access,  e-mail, 
GPS,  molecular 
transporter 
and  cappuccino 
maker,  all  in 
one. 

Page  62 


Features 


Anatomy  of  a  security  audit  We  follow 
two  security  sleuths  as  they  probe  for  network  vulnerabili¬ 
ties  at  a  New  England  medical  center. 

Continues  from  page  1  on  page  67. 


Giving  it  roots.  A-  Our  editorial  sup- 
i'T!  plement  begins 
^  v  after  Page  36. 


IP  Centrex:  This  hosted  IP  telephony  service  offers 
more  bang  for  the  buck  than  traditional  Centrex  or  PBXs. 
Find  out  if  it's  well-suited  to  your  company.  Page  74. 


Nurturing  a  culture  of  continuity 
Great  business-continuity  plans 
need  the  help  of  everyone.  Page  S4. 


1  Incident  response  teams  gain  allure 
No  business-continuity  plan  is  complete 
without  a  computer  SWAT  team.  Page  S8. 


Exclusive  Review:  In  an  exclusive  test,  Test 
Alliance  member  David  Newman  is  impressed  by  Cisco's 
new  10G  Ethernet  switch.  Page  77. 


•  Going  the  distance  for 
business  continuity 
IP  steps  up  as  a  transport 
option  for  out-of-region 
replication.  Page  S14. 


NetvvokVUbrldFiison 


Putting  continuity  on  the  wings  of  ILM 
Understanding  the  value  of  corporate 
data  must  come  before  a  business- 
continuity  plan  can  soar.  Page  S18. 


www.nwfusion.com 


Interactive 


Columnists 


New  standards  page 

The  nice  thing  about  standards  is  how  many  of  them  there  are,  right? 
Keep  up  with  all  the  standards  work  with  our  new  Standards  page. 

DocFinder:  7628 


News  the  way  you  want  it 

Track  just  the  technologies,  companies  and  authors  you're  interested  in 
—  we've  now  got  more  than  60  RSS  feeds,  including  new  feeds  on 
servers  and  viruses. 

DocFinder:  7442 


Compendium 

The  spammers  are  gaining  again 
Bayesian  filtering  has  become  the  hot  new  thing  in  fighting 
spam,  but  Fusion  Executive  Editor  Adam  Gaffin  says  the  bad 
guys  are  adapting.  DocFinder:  8133 


Wireless  Wizards 

Where  does  the  bandwidth  go? 

The  Wizards  help  Adam  in  Kansas  City  do  some  math  when  it 
comes  to  wireless  LAN  throughput,  DocFinder:  8134 


Seminars  and  events 


Is  your  data  center  fully  metered,  fully 
accountable  and  fully  effective? 


The  new  data  center  is  about  ways  to  control  and  consolidate  data,  new 
ways  to  automate  servers  and  storage,  and  new  tools  to  maximize  your 
network  through  virtualization.  Discover  them  at  The  New  Data  Center: 
Powering  the  Enterprise,  a  Network  World  Technology  Tour  event.  Free  to 
qualified  professionals.  DocFinder:  7534 


Telework  Beat 

Teaching  companies  new  tricks 
Net.Worker  Managing  Editor  Toni  Kistner  shows  you  how 
Georgia's  Clean  Air  Campaign  uses  cash  to  instill  work-at- 
home  habits.  DocFinder:  8135 


Breaking  News 


Go  online  for  breaking  news  every  day. 

DocFinder:  6342 


Small  Business  Tech 

Tape  backup  continues  to  dominate 
Despite  a  variety  of  back-up  systems  and  media,  columnist 
James  Gaskin  says  Sony  proves  tape  provides  the  best 
value.  DocFinder:  8136 


Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key 
network  topics.  DocFinder:  6343 


Home  Base 

On  the  road  again 

Columnist  Ron  Miller  says  Ring  Central's  800-Works  provides 
one  trucking  recruiter  with  a  full-featured  communications 
tool  DocFinder  8137 
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What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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News 


VeriSign  sells  Network  Solutions 

■  VeriSign  is  selling  85%  of  its  Network  Solutions  business,  which 
provides  .com  and  .net  Internet  domain  name  registrations,  to 
Pivotal  Private  Equity  for  approximately  $100  million.  VeriSign 
gained  Network  Solutions’  registrar  and  registry  businesses  when 
it  purchased  the  company  in  2000  for  $16  billion.  The  company 
will  retain  full  ownership  of  the  master  databases  for  .com  and 
.net,  including  the  controversial  SiteFinder  search  service  that  it 
recently  agreed  under  pressure  to  temporarily  suspend. 

IBM  sees  hiring  ahead 

■  IBM  plans  to  add  10,000  new  jobs  next  year,  according  to  CEO  Sam  Palmisano.The 
new  positions  will  be  in  key  skill  areas  that  include  services,  middleware  technologies, 
Linux  and  open-standards-based  hardware  and  software,  Palmisano  said  in  a  statement 
that  announced  the  company’s  third-quarter  earnings.  Carried  by  growth  in  its  software 
and  global  services  businesses,  IBM  reported  revenue  of  $21.5  billion,  9%  higher  than 
last  year’s  $19.8  billion  third-quarter  total. 

“We  are  beginning  to  see  signs  that  the  economy  has  stabilized,”  Palmisano  said.  While 
product  demand  isn’t  yet  up  across  the  board,  customers  are  expected  to  increase  IT 
investments  in  2004.“Although  it  is  too  early  to  say  that  a  rebound  is  at  hand,  we  are  con¬ 
fident  that  we  will  benefit  from  both  a  pickup  in  IT  spending  and  an  economic  recov¬ 
ery^’ Palmisano  said. 

Siebel  buys  two  CRM  vendors 

■  CRM  market  leader  Siebel  Systems  announced  two  acquisitions  last  week  aimed  at 
rounding  out  its  product  portfolio.  The  company  is  acquiring  hosted  CRM  services 
company  UpShot  in  a  deal  valued  between  $50  million  and  $70  million.  Siebel  has 
been  paying  a  lot  of  attention  to  the  hosted  CRM  market  lately  —  earlier  this  month  it 
joined  forces  with  IBM  to  announce  Siebel  CRM  OnDemand,Siebel’s  first  hosted  CRM 
service  since  the  demise  of  its  Sales.com  spinoff  in  2001.  Siebel  also  said  it  has 
acquired  incentive  management  software  maker  Motiva  for  an  undisclosed  sum. Siebel 
plans  to  use  Motiva’s  technology  to  enhance  its  own  compensation-  and  commission¬ 
tracking  product. 


cBad  'he  Ugly 


When  good  hands  fail.  Did  you  catch  one  of 

those  new  ThinkPad's  from  IBM? ...  We  mean  before  it 
hit  the  floor, ...  IBM  says  the  new  R50  and  T41  models 
have  chips  that  can  detect  when  a  dropped  laptop 
is  losing  to  gravity.  The  chip  supposedly  M 
minimizes  damage  by  stopping  any  reading 
or  writing  to  the  hard  drive 
. . ,  before  impact.  >► 

Enough  already.  More  than 

70%  of  technology  professionals  surveyed 
on  behalf  of  security  vendor  Trend  Micro 
say  they  believe  spam  has  become  an  epidemic. 

Of  course,  vendors  don't  commission  surveys 
to  enlighten  IT  professionals;  they  do  it  to 
garner  publicity  that  helps  sell  goods 
and  services.  Still,  hasn't  this 
particular  point  been  established? 

Not  exactly  neighborly.  Another  poll  —  this  one  for  wireless  LAN 
vendor  2Wire  —  finds  that  44%  of  200  respondents  say  they’d  take  advantage 
of  a  neighbor’s  lax  security  practices  to  get  a  gander  at  his  wireless  network. 
...  We  don't  want  to  even  think  about  what  that  number  might  be  for  an  open 
window  shade? 


compiling  a  list  of  commercial  Linux  users,  and  previously  it  said  that  it  expected  to 
begin  invoicing  these  companies  by  mid-October.  The  invoicing  plans  have  been 
delayed  indefinitely 


BMC  announces  partnership  deal 


■  BMC  Software  last  week  announced  third-party  partnerships  and  software  the  com¬ 
pany  says  will  help  customers  more  effectively  manage  business  applications.  The 
company  announced  partnerships  with  Symantec,  EMC  and  Accenture  it  says  will  let 
customers  tie  systems  from  those  vendors  together  with  BMC’s  monitoring  tools.  The 
partnerships  are  part  of  the  software  company’s  Business  Service  Management  strategy. 
Announced  six  months  ago,  BSM  involves  modeling  an  application  as  a  business  ser¬ 
vice  and  monitoring  the  network, server, storage  and  other  resources  as  a  whole  entity, 
rather  than  managing  the  components  separately.  On  the  software  front,  BMC  intro¬ 
duced  a  new  Web  interface  for  its  Service  Impact  Manager  2.0  software.  SIM  builds  a 
map  of  the  network  and  connects  the  dots  between  network  components  and  the 
applications  they  support.  The  idea  is  to  help  users  more  quickly  spot  problems  that 
could  slow  application  performance.  SIM  2.0  is  expected  to  be  available  Nov.  15,  and 
pricing  starts  at  $87,000. 


SCO  eases  up  on  ultimatums 

■  The  SCO  Group  has  decided  to  give  Linux  users  another  two  weeks  before  doubling 
the  license  fees  it  is  demanding  for  its  Intellectual  Property  License  for  Linux,  and  has 
backed  off  on  plans  to  begin  sending  invoices  to  commercial  Linux  users.The  extension 
comes  because  SCO  was  late  to  market  with  its  licensing  plan,  which  was  announced 
in  August, according  to  a  SCO  spokesman.The  company  has  extended  its  deadline  until 
Oct. 31.  After  that, pricing  will  jump  to  about  $1,400  per  processor.At  the  same  time, SCO 
has  decided  to  hold  off  on  its  plans  to  begin  sending  invoices  to  Linux  users.  SCO  is 

COMPENDIUM 

Like  the  Borg 

Glenn  Fleishman  reports  that  spammers  have  figured  out  how  to  get  around 
Bayesian  filtering,  a  statistical  approach  for  blocking  spam,  and  so  he  is  seeing 
more  unwanted  mail  in  his  in-box:  “Bayesian  filtering,  while  a  wonderful  idea,  has  its 
limits  because  of  spammers'  cleverness  and  adaptability."  Read  more  at 

www.nwfuaion.com,  DocFinder:  8142. 


Guiliani,  Ernst  &  Young  team  up 

■  Former  New  York  Mayor  Rudy  Guiliani’s  consulting  firm,  Guiliani  Partners,  last  week 
joined  forces  with  technology  consulting  group  Ernst  &  Young  to  open  two  data  secu¬ 
rity  centers,  one  in  New  York  and  the  other  in  Houston. The  companies  intend  to  assist 
clientele  in  discovering  vulnerabilities  in  their  computer  networks  and  applications  by 
trying  to  break  into  them  from  the  outside,  a  procedure  commonly  known  as  “ethical 
hacking.’The  high-profile  partnership  is  intended  to  team  up  Guiliani’s  star-power  back¬ 
ground  in  law  enforcement  with  Ernst  &  Young’s  cybersecurity  practice. 

MCI  names  ethics  officer 

■  MCI  last  week  appointed  Nancy  Higgins  as  the  company’s  first  chief  ethics  officer. The 
company  has  been  searching  for  an  executive  for  this  newly  created  position  for 
months.  Before  accepting  this  position  Higgins  served  as  vice  president  of  ethics  and 
business  conduct  at  Lockheed  Martin.  Higgins  served  as  a  senior  corporate  attorney 
with  Boeing  before  her  stint  at  Lockheed.  Higgins  will  report  to  MCI  Chairman  and  CEO 
Michael  Capellas. 
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AVAVA 

a  higher  plane 
of  communication 


WHICHEVER  PATH  YOU  CHOOSE  — Client-Server  or  IP- 

enabled  Telephony — you’ll  make  the  most  of  your  existing 

equipment  and  applications  with  Avaya.  Keep  up  to  85%* 

(or  more!)  with  our  open  standards-based  solutions  and 

multi-vendor,  multi-technology  expertise.  The  world  leader 

in  IP  Telephony  offers  you  the  flexibility  to  support  a 

diverse  set  of  endpoints — IP,  digital,  analog  and  mobile. 

As  well  as  voice  encryption  for  maximum  security  anywhere 

on  your  network.  We’ve  even  got  flexible  solutions  for 

greenfield  installations.  All  supported  by  Avaya  Global 

Services.  So  start  moving  to  IP  without  the  heavy  lifting 

at  avaya.com/iptelephony.  Or  call  866-GO  AVAYA  today. 

1 _ _ i 

IP  Telephony 

Contact  Centers 

Unified  Communication  j  Services 

Migrate  to  IP  Telephony. 


'Based  on  historical  results.  Individual  results  may  vary 
depending  upon  your  specific  network  enviicnmenf. 

V  20 03.  Avaya  Inc.  At*  Right*  Reserved  Avaya.  the  At-aya  Logo,  a’id  ai«  *  adom.trks 
idenirfied  by  o r,M  are  trademarks  of  Avaya  inc  arid  may  be  regtanered  m  certain 
Jurisdiction*.  Ail  other  trademarks  are  the  protieny  ot  their  respective  dado's. 
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Group  tries  to  steer  utility  computing 


HOW  IT  WORKS 


Standard  operating  procedures 

Data  Center  Markup  Language  (DCML) 
promises  to  help  enable  utility  computing 
by  bridging  the  gaps  between  existing 
management  tools  and  reducing  manual 
processes. 


DCML  lets  disparate 
management  systems 
exchangeand  correlate 
data  to  speed  auto¬ 
mated  problem  diag¬ 
nosis  and  resolution. 


Data-center 
management  console 


Users  can  consolidate  systems 
information  in  a  central  location 
and  maintain  configuration 
templates  for  deploying  new 
data  center  resources. 


Servers 


Network  gear 


Storage  gear 


■  BY  ANN  BEDNARZ  AND 
DENISE  DUBIE 

BOSTON  —  The  creators  of  a 
proposed  data-center  standard 
say  their  efforts  could  help  re¬ 
move  obstacles  in  the  way  of  IT 
executives  trying  to  build  utility- 
based  computing  infrastruc¬ 
tures.  Observers  applaud  the 
effort  but  say  its  chances  of  sur¬ 
vival  are  slim  if  the  standard 
doesn’t  win  support  from  major 


players  such  as  IBM,  Microsoft 
and  Sun. 

Outsourcing  services  company 
Electronic  Data  Systems  and 
management  software  maker 
Opsware  initiated  work  on 
Data  Center  Markup  Language 
(DCML),  an  XML-based  stan¬ 
dard  for  describing  the  various 
components  running  in  a  data 
center  and  how  those  compo¬ 
nents  interoperate. 

By  increasing  visibility  into 


data-center  operations,  DCML 
will  help  control  complexity 
and  reduce  management  costs, 
proponents  say. 

Unruly  data  centers  have  be¬ 
come  a  problem  for  IT  executives 
as  numbers  of  servers  and  appli¬ 
cations  —  including  dozens  of 
disconnected  management  sys¬ 
tems  that  don’t  share  information 
—  have  skyrocketed,  said  Marc 
Andreessen,  chairman  of  Ops¬ 
ware,  at  an  event  held  last  week  to 
launch  DCML. 

“Data  centers  are  experienc¬ 
ing  an  ongoing,  continuous  on¬ 
slaught  of  new  technologies,” 
he  said. 

Opsware  and  its  biggest  cus¬ 
tomer,  EDS,  along  with  Computer 
Associates,  signed  on  as  govern¬ 
ing  members  of  the  DCML  Or¬ 
ganization,  which  boasts  25  ven¬ 
dor  members. 

Companies  committing  to  get¬ 
ting  the  standard  off  the  ground 
by  early  next  year  include  net¬ 
work  management  vendors  such 
as  Micromuse,  infrastructure  soft¬ 
ware  maker  BEA  Systems,  and 
software  start-ups  such  as  Con- 
figuresoft  and  Relicore. 

The  proposed  DCML  standard 
will  provide  an  inventory  of  data¬ 
center  elements,  describe  how 
those  pieces  interoperate  and 
define  the  various  policies  that 
bind  them  together. 

It  encompasses  a  range  of  data¬ 
center  gear,  including  network 
and  storage  components;  soft¬ 
ware  infrastructure  and  applica¬ 
tions;  and  Unix,  Linux,  Windows 
and  other  servers. 

With  this  information  tied  to¬ 
gether,  companies  will  be  able  to 
more  easily  reproduce,  rebuild  or 
re-provision  any  portion  of  their 
data-center  environment,  An¬ 
dreessen  said. 

Users  will  be  able  to  automate 
time-consuming  processes  such 
as  deploying,  upgrading  and 
patching  servers.  Also,  for  disaster- 
recovery  purposes,  DCML  can  be 
used  as  a  blueprint  to  reproduce 
a  complete  data-center  infrastruc¬ 
ture  —  including  component  de¬ 
pendencies,  device  configura¬ 
tions,  operational  rules  and  man¬ 
agement  processes. 

Further,  DCML  will  provide  a 
foundation  to  enable  utility  com¬ 
puting,  its  backers  say 

Linking  existing  IT  management 
systems  is  a  prerequisite  to 
achieving  the  much  touted  but 
still  elusive  vision  of  a  utility-com¬ 
puting  infrastructure  made  up  of 
self-healing,  self-managing,  self- 


protecting  and  self-provisioning 
systems. 

“A  real-time  infrastructure  re¬ 
quires  an  integration  platform 
to  give  IT  managers  visualiza¬ 
tion  of  the  components  and  the 
service,  and  to  help  them  auto¬ 
mate  the  process,”  says  Donna 
Scott,  a  research  director  with 
Gartner. 

She  says  enabling  the  islands  of 
network,  servers,  storage  and 
applications  to  share  data  will 
help  companies  implement  a 
higher-level  and  more-automated 
means  to  manage  data  centers. 

The  variety  of  vendors  com¬ 
mitting  to  DCML  reflects  the 
range  of  systems  and  technolo¬ 
gies  that  must  communicate 
with  each  other  in  today’s  enter¬ 
prise  data  centers  to  enable 
more  automation  and,  ulti¬ 
mately,  utility  computing. 

Yet  noticeably  absent  among 
DCML’s  backers  are  HR  IBM, 
Microsoft  and  Sun  —  all  of 
which  announced  utility-com¬ 
puting  strategies  in  the  past 
year.  Opsware  partnered  earlier 
this  year  with  HP  and  says  HP’s 
involvement  in  the  standard 
initially  will  be  through  that 
relationship. 

For  its  part,  Microsoft  recently 
announced  its  Systems  Defini¬ 
tion  Model  (SDM),  which  pro¬ 
vides  a  format  for  encoding 


Windows  application-compo¬ 
nent  requirements. 

DCML  backers  say  that  ulti¬ 
mately  users  will  be  able  to  feed 
SDM  component  requirements 
directly  into  DCML-defined  con¬ 
straints  for  Windows  applications. 

Without  the  support  of  major 
players,  the  DCML  Organization 
will  be  unlikely  to  effect  much 
change  in  the  data  center,  says 
Lance  Travis,  vice  president  at 
AMR  Research' 

“They  can  build  adapters  to  the 
systems,  networking  and  storage 
components  that  will  enable  their 
reference  code  and  products  to 
work,  but  without  the  direct  sup¬ 
port  of  the  big  systems  vendors, 
DCML  will  remain  of  limited  use,” 
Travis  says. 

In  general,  having  a  standard 
that  supports  provisioning  and 
change  management  across 
multiple  platforms  would  be 
beneficial  —  if  it  comes  to 
fruition, Travis  says. 

However, “the  gap  between  stan¬ 
dards  and  real  products  is  huge, 
and  I  don’t  expect  this  group  to 
cross  that  gap  in  any  significant 
way  anytime  soon,”  he  says. 

The  best  thing  for  the  DCML  Or¬ 
ganization  would  be  to  finish 
Version  1  of  the  DCML  specifica¬ 
tion  and  then  get  absorbed  by  a 
larger  existing  standards  group, 
Travis  suggests.  ■ 


Users  demand  single 
spec  for  ID  mgmt. 

■  BY  JOHN  FONTANA 

DENVER  —  Corporate  executives  are  demanding  convergence  of 
competing  federated  identity  management  specifications,  making 
the  developers  of  those  specifications  feel  the  heat.  But  the  standoff 
eventually  could  hurt  end  users. 

A  federated  identity  management  standard  would  let  companies 
more  easily  share  authentication,  authorization  and  policy  data  across 
corporate  boundaries  as  part  of  XML-based  Web  services  deployments. 
The  notion  of  identity  not  only  of  end  users  but  machines  that  share 
data,  is  thought  to  be  key  in  adopting  Web  services. 

Convergence  of  competing  specifications  from  the  Liberty  Alliance, 
a  consortium  of  160  vendors  and  end-user  organizations,  and  the 
partnership  of  IBM/Microsoft  appears  inevitable,  experts  say  But  so 
far  the  two  sides  are  making  no  promises  while  continuing  to  jockey 
for  a  leadership  position. 

“We  are  voicing  our  concern  over  this  rift  because  we  need  interop¬ 
erability  and  if  we  continue  with  multiple  standards  we  don’t  get  it, "said 
one  executive  with  a  Fortune  100  manufacturer  who  requested 
anonymity  “As  a  major  customer  of  both  IBM  and  Microsoft,  and  as  a 
member  of  the  Liberty  Alliance,  we  think  we  can  influence  them  over 
time,  and  we  are  encouraging  other  companies  and  our  business 
partners  to  do  the  same.” 

Liberty’s  initial  Identity  Federation  Framework,  released  last  year,  is 
available  in  more  than  20  products,  including  products  from  Novell 
and  Sun, and  the  group  is  well  along  with  Phase  2  of  its  specification. 
However,  critics  say  that  phase,  called  the  Identity  Web  Services 
Framework  (1D-WSF),  could  spark  further  contention  with  IBM/ 
Microsoft. 

Last  week,  the  Liberty  Alliance  laid  out  the  differences  between  its 
specification  and  lBM/Microsoft’s  WS-Federation  at  the  Digital  ID 
World  executive  conference.  The  Alliance  also  announced  a  certifi¬ 
cation  program  and  a  merger  with  Radicchio,  which  developed  a 
platform  for  mobile  security. 

“The  1D-WSF  starts  to  bleed  into  what  IBM  and  Microsoft  are  doing, 
and  there  is  much  more  potential  for  conflict,” says  Jamie  Lewis,  CEO 
of  research  firm  Burton  Group. 

The  IBM/Microsoft  tandem  still  is  formulating  its  set  of  specifica¬ 
tions.  including  WS-Federation  and  WS-Fblicy,  under  the  WS-Security 
standard.  The  two  also  continue  to  work  outside  formal  standards 
bodies,  a  fact  that  is  causing  many  large  companies  to  pressure  the 
two  to  get  on  a  standards  track. 

“Absolutely  we  are  putting  pressure  on  IBM  and  Microsoft, ’’says Tony 
Scott,  CTO  of  General  Motors,  which  is  a  member  of  the  Liberty 
Alliance  and  in  the  process  of  deploying  the  technology. “We  have  a 
list  of  standards,  and  we  will  not  use  anything  that  is  not  compliant 
with  that  list  We  are  discussing  with  all  sides  a  clear  path  for  conver¬ 
gence.  It  is  essential  that  the  parties  cooperate.  ■ 


The  truth  is. ..worms,  viruses,  unexpected  traffic  surges,  they're  going  to  get  through.  And  you  can't  stop  them.  The  real  goal  is  crowd  control. .  .maintaining  network  availability.  Because  it's  uptime 
that  counts.  That's  where  we  step  in.  Imagine  a  network  system  so  intelligent,  it  can  quickly  identify  the  difference  between  good  traffic  and  bad,  with  the  sophistication  to  immediately  throttle  down  specific  streams  of 
traffic,  test  it  and  control  it,  while  allowing  others  to  enter  and  flow  freely.  It's  a  new  way  of  dealing  with  a  very  old  problem. .  .maintaining  performance  and  keeping  your  network  from  becoming  an  all-out  bar  room  brawl. 
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Juniper  spearheads 
plan  to  fortify  ’Net 


■  BY  JIM  DUFFY 


Juniper  last  week  disclosed  an 
ambitious  plan  to  unite  the 
industry  around  a  common 
vision  for  public  networking  that 
could  make  the  Internet  secure 
and  reliable  enough  for  full- 
fledged  global  commerce. 

The  company’s  Infranet  Ini¬ 
tiative  attempts  to  resolve  short¬ 
comings  the  vendor  says  are 
inherent  in  the  Internet:  security 
and  peak  performance. 

The  initiative  seeks  to  develop 
two  interfaces  —  a  user-to-net- 
working  interface  (UNI)  be¬ 
tween  customers  and  service 
providers,  and  a  so-called  inter¬ 
carrier  interface  between  ser¬ 
vice  providers  —  that  adhere  to 
a  set  of  interconnection  stan¬ 
dards  that  establish  a  “lowest 
common  denominator”  required 
for  implementation. 


As  things  stand 

Today,  equipment  vendors  and 
service  providers  can  build  from 
an  array  of  standard  and 
non-standard  interconnection 
schemes  that, when  implemented 
differently  disrupt  interoperability 
and  service  consistency 

When  interconnecting  via 
these  two  interfaces,  customers 
and  service  providers  would 
construct  an  “infranet”  that  com¬ 
bines  the  ubiquitous  connectiv¬ 
ity  of  the  Internet  with  the  per¬ 
formance  and  security  of  a  pri¬ 
vate  network,  Juniper  says.  This 
infranet  then  ultimately  will  pro¬ 
vide  the  global  infrastructure 
required  to  support  machine-to- 
machine  grid  computing,  unlock 
the  full  potential  of  Web-enabled 
applications  and  finally  usher  in 
the  era  of  the  online  economy, 
the  company  says. 

Juniper’s  initiative  is  not 
unique.Scores  of  vendor“calls  to 
action”  have  come  and  gone 
over  the  past  20  years,  all  under 
the  guise  of  altruism.  Most,  how¬ 
ever,  turned  out  to  be  vendor- 
motivated  and  produced  embar¬ 
rassing  admissions  that  the 
efforts  petered  out. 
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Nice  try 

Vendor-initiated  “standards”  efforts  that  have  failed, 
gone  silent  or  been  exposed  as  marketing  campaigns. 


1990:  Open  Software  Foundation’s  Distributed  Management 
Environment:  Vendor  politics,  business  entanglements,  resource¬ 
intensive  code  and  redundant  standards  efforts  killed  OSF’s  DME. 

1994:  Management  Integration  Consortium:  Management  platform 
vendors  defected  less  than  a  year  into  the  effort,  killing  MIC. 

“The  four  biggest  platform  vendors . . .  seem  to 
have  effectively  killed  MIG.  This  is  unfortunate." 

— Jim  Herman  and  Mary  Johnston  Turner,  Northeast  Consulting 

1995:  IBM  attempts  to  coalesce  industry  players  around  specifications 
for  common  management,  but  the  effort  is  dismissed  as  a  defensive 
marketing  response  to  a  Microsoft's  acquisition. 

“It's  like  IBM  to  introduce  [cooperation]  as  a  concept 
while  not  necessarily  backing  it  up  with  products.” 

— John  Ferreri,  manager  of  information  systems  research  and 
development,  Block  Drug  Company 

1996:  Web-Based  Enterprise  Management:  Web-based  management 
took  off,  but  all  is  quiet  on  theWBEM  front,  which  turned  out  to  be 
Microsoft's  effortto  kill  Sun’s  Java  momentum  in  network  management. 

The  Network  Interoperability  Alliance:  IBM,  Bay  Networks  and  3Com 
banded  togetherto  tackle  interoperability  of  internet-working  products. 
They  really  formed  an  exclusive  club  to  bash  Cisco.  Cisco  won. 

“NIA  is  mostly  smoke." 

— Don  Miller,  analyst,  Dataquest 

v _ ) 


But  some  analysts  say  Juniper’s 
effort  might  be  significant. 
Although  only  beleaguered  busi¬ 
ness  partner  Lucent  is  onboard 
now,  analysts  say  Juniper  part¬ 
ners  Ericsson  and  Siemens 
might  join  the  effort. 

“It  has  teeth,  but  the  teeth  that 
it  has  initially  are  as  much  polit¬ 
ical  as  technical,”  says  Thomas 
Nolle,  president  of  consultancy 
ClMI.“We  have  to  take  a  look  at 
whether  the  current  standard¬ 
ization  process  launched  and 
controlled  by  the  [Internet 
Engineering  Task  Force]  is  com¬ 
pletely  responsive  to  the  needs 
of  non-Internet  IP  applications. 
Then  we  have  to  say, ‘Is  the  tech¬ 
nology  of  the  products  compat¬ 
ible  with  these  applications?”’ 

Collaboration  needed 

Juniper  says  the  technology  is 
here  now;  what’s  missing  is  col¬ 
laboration  in  the  industry  on 
how  best  to  implement  it  to 
achieve  this  application-aware/ 
service-granular  infranet. 

Current  peering  relationships 
between  service  providers  and 


service-level  contracts  between 
customers  and  service  providers 
fall  short  of  the  Infranet  Initiative 
goal  because  service  assurances 
cannot  be  guaranteed  across 
peering  arrangements  and  cer¬ 
tain  types  of  traffic  cannot  be 
granted  a  greater  level  of  treat¬ 
ment,  the  company  says. 

So  Juniper  is  proposing  “selec¬ 
tively  open”  connections  be¬ 
tween  carriers  —  defined  by 
common  standards  such  as 
Multi-protocol  Label  Switching, 
Resource  Reservation  Protocol 
and  the  Layer  2  Tunneling 
Protocol  —  that  “support  and 
reward  the  delivery  of  advanced 
services,  such  as  content  distrib¬ 
ution  and  [VPNs]”  globally,  vs.  a 
carrier’s  own  network. 

Juniper  did  not  provide  a  time- 
frame  for  completion  of  the 
Infranet  Initiative  UNI  or  intercar¬ 
rier  interface.  The  company  also 
says  it  would  welcome  Cisco’s 
participation  but  had  not  yet 
contacted  its  rival.Cisco  did  not 
immediately  respond  to  an 
inquiry  on  its  position  regarding 
the  Infranet  Initiative.  ■ 


Citrix  users  tout 
server  benefits 

■  BY  ELLEN  MESSMER 

ORLANDO  — The  decision  to  stop  running  applications  at  the  desk¬ 
top  and  instead  run  them  on  a  remote  server  is  not  one  IT  managers 
take  lightly, because  it  entails  risk.  But  according  to  many  Citrix  Systems 
customers,  2,500  of  whom  convened  last  week  for  an  annual  user  con¬ 
ference,  it  can  be  very  beneficial. 

J.P  Savage,  senior  vice  president  of  systems,  operations  and  techni¬ 
cal  services  at  Scotiabank,  Canada’s  second-largest  bank,  gave  the 
conference  keynote.  He  explained  his  switch  from  running  applica¬ 
tions  on  the  desktop  to  a  centrally  located  Citrix  MetaFrame  server. 

Savage  said  he  was  fed  up  with  what  he 
called  the  “Wintel  churn  cycle”  to  upgrade 
Microsoft  applications  and  Intel-based  com¬ 
puters  every  few  years.  Instead,  he  decided 
to  keep  the  older  PCs,  give  his  user  base  the 
Citrix  Independent  Computing  Architecture 
client  for  the  PCs  and  run  updated  Microsoft 
applications  on  Citrix  servers. 

“With  Citrix,  delivering  a  new  browser  —  or 
Windows  Office  —  can  be  done  in  a  week¬ 
end  at  Scotiabank,”  Savage  said.  “We’re 
extending  the  PC  life  cycle.” 

While  the  Citrix  implementation  works 
well,  problems  with  servers  seem  heightened. 

“I  still  have  problems  with  the  Citrix  server 
farm,”  said  Savage,  pointing  out  that  when 
servers  go  down,  it  takes  too  long  to  bring 
them  back  up.  “It  should  take  15  seconds  to 
regain  use,  not  15  minutes.” 

With  client  applications  running  on  servers, 

Citrix  customers  pay  attention  to  how  many  users  can  connect  simulta¬ 
neously  to  one  MetaFrame  Presentation  Server.  This  varies  widely  from 
only  20  to  hundreds.  When  customers  want  to  get  more  mileage  out  of 
servers,  they  sometimes  add  software  to  boost  application  performance. 

Mark  Groves,  IT  manager  at  the  Home  Shopping  Network,  for 
instance, said  in  his  presentation  that  he  found  running  Siebel  Systems 
CRM  software  on  Citrix  was  very  CPU-intensive.  “We  found  we  could 
only  have  25  users  using  this  application,”  Groves  said.  “It  was  very 
expensive.”  But  after  he  added  AppSense’s  Ferformahce  Suite  software, 
servers  could  support  45%  more  users  and  were  more  reliable. 

Fidelity  National  Financial,  a  title  insurance  and  real  estate  firm  in 
Jacksonville,  Fla.,  found  that  putting  different  versions  of  Windows  or  its 
own  proprietary  software  on  Citrix  servers  created  problems.  This 
meant  buying  more  Citrix  servers  to  keep  applications  separate.  But 
Fidelity  National  discovered  it  could  reduce  the  number  of  Citrix 
servers  from  20  to  13  by  adding  Softricity’s  SoftGrid  software  for  group¬ 
ing  applications  through  memory  allocation  and  other  means. 

“We  don’t  have  to  run  separate  servers  for  these  applications  now,  and 
it  reduces  the  administrative  tasks,”  said  Paul  Little,  Fidelity  National’s 
configuration  manager. 

Citrix  has  expanded  its  reach  in  the  last  few  months  through  a  line  of 
security  software  called  MetaFrame  Access  Suite  for  managing  pass¬ 
words,  conferencing,  single  sign-on  authentication  and  a  secure  gate¬ 
way  that  could  be  used  independently  of  the  Citrix  MetaFrame  server. 

Vinny  Sosa,  Citrix  product  marketing  manager,  acknowledged  that 
Citrix  faces  a  battle  for  recognition  for  its  security  wares,  especially 
when  they  compete  against  security  or  portal  products  from  IBM  or 
BEA  Logic.  One  customer,  Wachovia  Bank,  said  it  is  implementing 
Access  Suite  as  its  business  extranet. 

“Using  this,  we’ll  no  longer  have  the  expense  of  leased  lines  with  busi¬ 
ness  partners,”  said  David  Whomsley,  assistant  vice  president  of  infor¬ 
mation  security  at  Wachovia,  the  nation’s  fifth-largest  bank. 

Citrix  says  that  about  120,000  organizations  —  with  a  total  of  50  mil¬ 
lion  users  —  have  chosen  to  make  at  least  part  of  their  business  appli¬ 
cations  available  to  employees  or  trading  partners  using  the  Citrix 
Independent  Computing  Architecture  client  software.  ■ 


J.P.  Savage,  senior  vice 
president  of  systems, 
operations  and  techni¬ 
cal  services  at  Scotia¬ 
bank,  says  his  company 
went  with  Citrix  because 
it  was  tired  of  the 
“Wintel  chum  cycle." 
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Mitel  launches  voice-over-IP  apps,  hardware 


■  BY  PHIL  HOCHMUTH 

Mitel  Networks  last  week  unveiled 
IP  telephony  software  and  hardware 
aimed  at  integrating  voice  into  desk¬ 
top  messaging  applications  and  mi¬ 
grating  businesses  from  TDM  voice 
to  voice  over  IP 

The  company,  which  competes  with 
Avaya,  NEC  and  Nortel,  launched  its 
Collaboration  Suite,  a  desktop  and  server 
software  package  customers  can  deploy 
to  integrate  voice  and  video  conferenc¬ 
ing,  text  chat  and  document  sharing  to 
end-user  desktops. 

Mitel  also  introduced  the  SX-200ICP  a 
200-user  IP  PBX  for  small  businesses  or 
enterprise  branch  offices. 

The  Mitel  Collaboration  Suite  is  a  new 
add-on  for  Mitel’s  Your  Assistant  unified- 
messaging  application  platform.  The 
suite  includes  server  software  and  client 
modules  that  deliver  one  application  to 
desktops  for  managing  multiple  types  of 
conferencing. 

The  Audio  Conferencing  Module  lets 
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Mitel's  SX-200ICP  can  support  up  to  200  IP,  or  regular 
phones. 

end  users  arrange  conference  calls  by 
dragging  and  clicking  participants’  names 
into  a  box  on  the  screen.  Calls  are  placed 
and  switched  into  conference  via  a  Mitel 
PBX  or  IP  PBX  that  attaches  to  a  Windows- 
based  Collaboration  Suite  server.  Video 
Conferencing  module  lets  end  users  with 
Mitel  camera  phones  add  video  to  a  con¬ 
ference  by  clicking  a  button  in  the  desk¬ 
top  application  or  pressing  a  key  on  the 
phone. 

The  Data  Collaboration  module  lets  Col¬ 
laboration  Suite  clients  share  documents, 
such  as  PowerPoint  or  Word  files,  while 
conferencing  over  voice  and  video.  Data 
Collaboration  also  includes  a  secure  real¬ 
time  chat  application  for  conducting  side- 
bar  conversations  during  a  conference. 
Mitel’s  SX200ICP  is  an  IP  version  of  its 


SX200  small-business  PBX.  The 
server-based  IP  PBX  runs  on  a 
VXWorks  real-time  operating  system 
and  supports  up  to  200  users  with  IP 
extensions  (such  as  Session  Initi¬ 
ation  Protocol  phones  and  soft- 
phone  clients),  traditional  Mitel 
phones  or  a  mix  of  the  two. 

The  IP  PBX  comes  with  a  built-in  voice 
mail  system  with  a  Simple  Mail  Transfer 
Protocol  (SMTP)  software  stack.  Mitel 
SMTP  lets  the  box  integrate  with  stan- 
dards-based  e-mail  servers,  letting  end 
users  receive  notification  of  new  voice 
messages  through  e-mail  alerts,  with  a 
WAV  file  version  of  the  voice  mail 
attached  to  the  message.  This  differs 
from  larger-scale  unified-messaging  sys¬ 
tem,  in  which  voice  mail  messages  are 
stored  on  the  same  servers  as  e-mail  and 
voice/e-mail  in-boxes  that  are  more 
tightly  integrated. 

The  new  Mitel  offerings  are  a  strong  sig¬ 
nal  that  the  vendor  is  serious  about  enter¬ 
prise  IP  telephony  says  Ron  Gruria,  an 
analyst  with  Frost  and  Sullivan. 


“The  SX200ICP  gives  legacy  SX200  users 
in  small  businesses  a  clear  convergence 
path,”  Gruria  says.  He  adds  that  Mitel’s 
competitors  have  sent  confusing  signals 
in  the  past  to  their  customers  on  the  issue 
ofTDM-to-IP  migration. 

The  SX2001CP  and  the  Collaboration 
Suite  will  be  available  this  quarter.  The 
SX2001CP  costs  around  $300  per  user  (not 
including  phones),  while  the  Collab¬ 
oration  Suite  starts  at  $400  per  user.  ■ 
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FUD  [fear,  uncertainty  and 
doubt],”  says  Timothy  Kennedy,  a 
senior  projects  engineer  at  con- 
tent-services  firm  YellowBrix  in 
Alexandria,  Va,  “As  Linux  contin¬ 
ues  to  prove  itself  in  the  enter¬ 
prise,  corporations  are  becoming 
more  confident  of  the  perfor¬ 
mance  and  savings  that  Linux 
offers.  And  with  corporate  sup¬ 
port  available  [from  companies 
like  Dell, HP  and  IBM], it  provides 
some  peace  of  mind.” 

What  follows  is  a  wish  list  com¬ 
piled  from  discussions  with  more 
than  a  dozen  network  profession¬ 
als  and  Linux  aficionados: 

1  Monitoring  tools. 

With  Linux  being 
I  deployed  in  more  areas 
of  the  data  center,  users  are  look¬ 
ing  for  better  ways  to  manage 
Linux  systems  —  and  easier  ways 
to  find  those  tools. 

“When  a  machine  hangs,  Ld  like 
to  be  able  to  create  system 
dumps  for  analysis  by  others  or 
myself.  System  tracing  tools  also 
would  be  very  helpful  in  pin¬ 
pointing  problems,”  says  Jeff 
Davis,  technical  lead  at  petrole¬ 
um  firm  Amerada  Hess  in  Hous¬ 
ton.  “Tools  may  exist,  but  I’m  not 
aware  of  them.  Better  marketing 
of  features  of  the  Linux  kernels 
would  probably  make  locating 
new  features  easier  for  the  busy 
systems  administrator!’ 

Davis  adds  that  he’d  like  to  see 
management  tools  focused  on 
networked  Linux  machines  that 
would  enable  him  “to  completely 
automate  management  of  a  large 
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■  THIS  WEEK'S  QUESTION: 

What  year  marked  the 
formation  of  Documentum, 
the  content-management 
company  that  EMC  has 
announced  plans  to  buy  for 
$1.7  billion? 


A. 1985  B. 1987 

C. 1990  D.  1992 

Stumped?  Get  the  answer  online. 

Visit  Ketwwt  *oi id  Fusim  and  enter 
2349  in  the  Search  box. 


number  of  systems,  reducing  the 
day-to-day  administration  tasks 
and  allowing  me  to  focus  on 
value-added  tasks.” 

“Tools  are  becoming  available 
and  Linux  is  inherently  open  to 
this  kind  of  management,”  he 
says. 


2  Reliability. 

New  versions  of  the 
|  Linux  kernel  have  im¬ 
proved  the  operating  system’s  reli¬ 
ability  but  users  say  they  could 
always  use  a  more-hardened  plat¬ 
form.  Disaster-recovery  options 
should  be  expanded,  they  say 
“LVM  2  [Logical  Volume  Man¬ 
agement] /EVMS  [Enterprise  Vol¬ 
ume  Management  System]  and 
back-up  software  need  to  be  im¬ 
proved,”  says  Russell  Coker,  an 
engineer  for  a  software  company 
in  Melbourne,  Australia,  that  he 
asked  not  be  identified.  “Com¬ 
monly  used  applications  such  as 
OpenLDAP  need  to  be  made 
cluster-aware.” 


3  Security. 

Security  continues  to 
■  be  a  big  issue  as  back¬ 
ers  position  Linux  as  a  Unix  or 
Windows  alternative  in  business 
networks.  Efforts  to  steel  the 
operating  system,  including  the 
National  Security  Agency- 
backed  Security-Enhanced 
Linux  (SELinux)  project,  need  to 
be  embraced  by  vendors. 

“Security  is  a  problem.  SELinux, 
plus  better  training  of  administra¬ 
tors,  is  needed,”  Coker  says. 

Bill  Rugolosky  director  of  Tele¬ 
metry  Investments  in  New  York 
City  agrees.  “SELinux  promises  to 
make  Linux  a  whole  lot  more 
secure,  and  given  [recent  attacks 
on  Microsoft  systems]  events 
. . .  very  attractive  to  those  currently 
. . .  using  Windows,”  he  says. 

4  Simplicity. 

Linux  has  the  reputa- 
■  tion  of  being  overly 
complicated,  and  Linux  users 
would  like  to  see  that  image 
softened. 

“It  has  long  been  perceived  by 
some  that  installing  and  configur¬ 
ing  Linux  is  some  sort  of  impossi¬ 
ble  task,  and  only  for  experienced 
computer  enthusiasts  and  profes¬ 
sionals,”  says  Peter  Baylies,  a  com¬ 
puter  consultant  in  Durham,  N.C. 
“I  don’t  think  that  this  is  necessar¬ 
ily  the  case  anymore.The  percep¬ 
tion  part  of  the  problem  can  be 
remedied  through  appropriate 
marketing  and  training.”  Intuitive 
interfaces  and  good  documenta¬ 
tion  would  help  create  a  more 
user  friendly  Linux,  he  adds. 

"My  ideal  Linux  operating  sys¬ 


tem  would  be  very  user-config¬ 
urable  and  responsive,  and  would 
have  a  standard  and  consistent 
interface  for  system  configura¬ 
tion, ’’Baylies  says  “It  would  allow  a 
novice  to  customize  the  environ¬ 
ment  as  much  as  possible.  Also,  it 
would  need  very  little  mainte¬ 
nance,  while  still  keeping  the  sys¬ 
tem  up-to-date.” 

5  Hardware  support. 

Users  are  asking  for 
I  better  support  for  things 
such  as  third-party  drivers,  printer 
management  and  graphic  inter¬ 
faces. 

“1  have  certain  drivers  and 
pieces  of  software  that  require  a 
specific  version  of  the  Linux  ker¬ 
nel,”  Hess’  Davis  says.  “This  makes 
it  difficult  in  some  cases  to  put 
various  pieces  together  on  the 
same  system  or  to  keep  up  with 
kernel  fixes  and  security  updates. 
Many  vendors  ship  drivers  that  I 
can  build  into  any  kernel,  making 
the  kernel  decision  mine.” 

As  for  printing,  Davis  says  that 
today  he  has  to  create  and  man¬ 
age  printers  individually  for  each 
Linux  system.  “Every  time  1  have 
to  visit  all  the  systems  that  need 
access  to  the  printer”  he  says. 
“Some  sort  of  directory  allowing 
users  to  locate  and  connect  to 
printers  on  their  own  would  be 
very  nice.” 

Cohesiveness. 

Users  don’t  want  to 
I  see  Linux  go  the  way  of 
Unix,  where  vendors  created  their 
own  proprietary  versions  that 
made  it  difficult  to  port  applica¬ 
tions  to  one  from  another.  A  more- 
cohesive  approach  would  result 
in  a  better  operating  system, 
they  say 

“1  would  like  to  see  more-united 
Linux  development,”  says  Gabriel 
Kihlman,  a  software  developer  at 
financial  application  firm  Univits 
International  in  Stockholm, 
Sweden.  “The  patchwork  that  a 
Linux  distribution  is  today  does 
not  inspire  confidence.  The  BSD 
operating  systems  have  a  more 
unified  distribution,  which  does 
not  change  as  much  [with]  each 
new  release.  The  difference  be¬ 
tween  the  major  distributions  is  a 
big  drawback.” 

Applications. 

Some  users  running 
■  Linux  have  found  limita¬ 
tions  when  it  comes  to  software 
deployment  and  would  like  to 
see  a  broader  range  of  applica¬ 
tions  supported,  both  on  the 
server  and  desktop. 

“Support  for  Windows-based 
applications  would  be  a  definite 


plus,”  says  Bill  Hicks,  senior  vice 
president  of  technology  and  CIO 
at  Precision  Response,  a  cus¬ 
tomer-care  services  firm  in 
Miami.  “We  are  currently  investi¬ 
gating  the  feasibility  of  running 
Linux  as  a  desktop  solution.  The 
challenge  for  us  is  there  is  a  wide 
range  of  third-party  applications 
we  must  support  or  integrate  at 
the  desktop. This  volume  of  appli¬ 
cation  support  makes  Linux  a 
challenge  on  the  desktop  side. 
However,  there  are  niches  for  us 
to  use  Linux  at  the  desktop,  with 
candidates  being  3270  emulation 
and  base  CRM  environments.” 

8  Skilled  developers. 

Linux  is  becoming 
■  more  widely  deployed 
in  corporate  data  centers,  but 
users  say  that  training  for  Linux 
programmers  is  lagging. 

“We  need  more  skilled  Linux 
programmers,”  the  Australian  soft¬ 
ware  company’s  Coker  says.  “To 
solve  this  we  need  programmer’s 
special  interest  groups  at  user 
conferences  and  we  need  more 
university  support  for  open 
source  programming.  Many  uni¬ 
versities  just  teach  students  how 
to  program  on  Windows,  and  as  a 
result  they  don’t  get  to  learn 
much  (if  anything)  about  how  a 
computer  really  works.  Then 
when  it  comes  to  debugging  race 
conditions,  network  program¬ 
ming,  or  library  code  they  don’t 
have  a  clue  about  what  to  do.” 

GUI. 

Network  execs  would 
■  like  to  see  an  easier-to- 
use  and  better-performing  GUI. 

“[Linux]  is  still  command-line- 
oriented.  1  don’t  consider  that  a 
drawback,  but  newbies  would 
mostly  come  from  the  Windows 
world  and  that  flashing  com¬ 
mand  prompt  is  intimidating,” 
says  Tom  Bakken,  information 
resource  manager  at  U.S.  Depart¬ 
ment  of  Agriculture  Rural  Devel¬ 
opment  in  Temple, Texas. 

Consolidation. 

Instead  of  having 
I  basic  tools  spread 
around  the  operating  system, 
users  would  like  to  see  them  all  in 
one  easy-to-find  location. 

“I  would  go  more  toward  the 
BSD  world  and  collect  all  the 
base  tools  into  one  big  repository 
and  maintain  it  together,”  Univits’ 
Kihlman  says.This  would  remove 
a  lot  of  extra  work  and  free  re¬ 
sources  for  GUI  and  application 
enhancements.”  ■ 
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Aruba  boosts  Wi-Fi 
security,  remote  mgmt. 


■  BY  PHIL  HOCHMUTH 

Aruba  Wireless  Networks  this  week  is 
scheduled  to  launch  a  fixed-configuration 
wireless  LAN  switch  aimed  at  bringing  ad¬ 
vanced  Wi-Fi  management  and  security  to 
branch  offices, or  expanding  deployments 
throughout  a  larger  company 

The  Aruba  800  is  a  12-port  WLAN  switch 
that  could  help  customers  deploy  more- 
secure  and  better-managed  802.1 1-based 
infrastructures  by  providing  centralized 
management  and  security  policy  enforce¬ 
ment  for  Wi-Fi  access  points. 

The  switch  is  the  first  fixed-configuration 
box  from  the  vendor  —  its  5000  series, 
which  debuted  in  April,  is  chassis-based. 
The  company  is  targeting  the  800  model 
at  smaller  offices,  or  branch  locations 
linked  to  a  corporate  network. 

The  Aruba  800  is  a  Layer  2/Layer  3  Ether¬ 
net  switch  with  processors  installed  that 
can  handle  tasks  such  as  Wi-Fi  access 
point  management  and  configuration, 
and  security  enforcement. The  boxes  also 
can  provide  802.3af-based  Power  over 
Ethernet  to  devices  that  support  the  POE 
standard.  This  can  give  users  more  free¬ 
dom  for  deploying  Wi-Fi  access  points 
because  the  devices  don’t  have  to  be 
installed  close  to  an  electrical  outlet. 

The  box  will  compete  with  similar  fixed- 
configuration  Wi-Fi  switches  from  vendors 
such  as  Airespace,  Extreme  Networks, 
Nortel  and  Trapeze  Networks. 

The  Aruba  800  can  be  used  in  enterprise 
branch  offices  for  deploying  wireless 
access  points  that  can  be  managed 
remotely  from  a  central  site  running  an 
Aruba  5000  series  switch,  the  vendor  says. 
In  a  branch  office,  the  Aruba  52  access 
points  attach  to  the  800  connected  to  a 
WAN  router.  This  lets  administrators  in  a 
company  headquarters  remotely  make 
configuration  and  security-access  changes 
to  the  Aruba  52  over  the  WAN. 


With  the  Aruba  800,  the  vendor  is  intro¬ 
ducing  a  feature  it  calls  “wireless  LAN 
MUX-ing, "which  can  let  a  customer  deploy 
a  WLAN  without  making  changes  to  its 
wired  infrastructure.  Aruba  says  its  800- 
brand  devices  can  be  deployed  in  wiring 
closets  and  linked  back  to  a  central  Aruba 
5000  chassis  through  a  proprietary  tunnel¬ 
ing  protocol  over  the  LAN.  This  keeps 
WLAN  traffic  separate  on  the  network  for 
security  purposes  without  forcing  admin¬ 
istrators  to  set  up  a  separate  virtual  LAN 
segment  for  individual  Wi-Fi  access  points. 

Along  with  the  Aruba  800,  Aruba  is  intro¬ 
ducing  AirOS  2.0,  an  upgraded  operating 
system  for  its  switches.  One  new  feature  in 
the  software  is  Wi-Fi  intrusion-detection- 
system  (IDS)  capability 

“Traditional  IDS  products  are  good  at 
stopping  Internet-based  kinds  of  attacks,” 
says  Keerti  Melkote,  vice  president  of  mar¬ 
keting  and  co-founder  of  Aruba.  “But  they 
are  not  the  best  at  identifying  and  stopping 
the  new  kinds  of  wireless  network  attacks.” 

Like  traditional  IDS  gear,  Aruba’s  WLAN 
IDS  looks  for  signature  bit  patterns  on  a 
network  to  identify  a  common  attack. 
According  to  the  company,  an  800  run¬ 
ning  WLAN  IDS  can  identify  malicious 
users  trying  to  scan  a  building  for  avail¬ 
able  access  points.  The  capability  can  be 
used  to  block  wireless  hackers  from  flood¬ 
ing  an  access  point  with  data  requests  to 
disable  the  device. 

The  Aruba  800  costs  $3,000.  AirOS  2.0 
software  with  a  WLAN  IDS  is  priced  at 
$2,000.  ■ 

More  online! 

Stay  on  top  of  the  latest 
wireless  LAN  news, 
reviews,  opinion  and  more 
at  our  Wireless  LAN 
Research  Center. 
DocFinder:  8143 


Wi-Fi  IDS 

Aruba’s  new  800-series  WLAN  switch  and  AirOS  2.0  software  let  users 
detect  Wi-Fi  interlopers. 


O  An  intruder  sitting  outside  a  ©  The  Aruba  800  with  intrusion-detection  system  ©  The  switch  cuts  off  WLAN 
building  tries  to  identify  a  activated  recognizes  telltale  traffic  patterns  access  from  the  identified 

corporate  WLAN  access  point  hitting  an  access  point,  and  identifies  the  source  MAC  address  at  the 

media  access  control  (MAC)  address.  access  point 
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THE 
SDLT  600. 

RELIABILITY  HAS 
NEVER  BEEN  FASTER. 


Now  showing!  The  most 
advanced,  highest  performing 
super  drive  in  the  world! 


The  fastest  transfer  rate  available 


Colossal  capacity 

SAGE 

A  suite  of  highly  intelligent  management  tools 


Backward  compatible  to  the  SDLT  320 
and  DLT  VS160  drives 
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Keeping  it  simple 


General  Mills’  philosophy  is  to  implement  as  few  systems 
as  possible.  The  company  centralized  its  core  appli¬ 
cations  on  HP  servers  and  runs  only  one  model  of  HP 
LAN  switch  throughout  its  Minneapolis  headquarters 
and  branch  offices. 


HP  Superdome 
servers 
running  SAP 


International 
7\ 
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ProCurve  5300  switches  | 
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7,000  users 


Gigabit  Ethernet 
Fast  Ethernet 


© 

HP  Wi-Fi  switches 
and  access  points 


Q  HP  Superdome 
servers  consolidate 
SAP  applications  for 
all  worldwide  offices. 


©  HP  ProCurve  5300 
switches  provide 
backbone  and  LAN 
edge  links. 


©  HP  Wi-Fi  switches  and  access 
points  are  being  deployed  for 
centralized  security  and 
management. 


HP  plans 

low-end 

ProLiants 

■  BY  JENNIFER  MEARS  AND 
DENI  CONNOR 

HOUSTON  —  HP  says  it  will 
expand  its  low-end  ProLiant 
offerings  with  a  100-series  line  of 
Ffentium  servers  that  can  be  used 
to  create  low-cost,  high-perfor¬ 
mance  clusters. 

The  servers  could  ship  by  year- 
end  and  will  compete  with  low- 
priced  servers  from  Dell  such  as 
the  PowerEdge  600SC,  which 
starts  at  $549,  and  low-cost  serv¬ 
ers  from  Sun, such  as  the  Sun  Fire 
v60x,  which  starts  at  $2,450.They 
are  aimed  at  remote  offices  and 
midsize  businesses  looking  for 
reliable  boxes  that  can  be  de¬ 
ployed  with  minimal  IT  support. 
IBM  has  yet  to  focus  on  low-end 
pricing,  analysts  say,  noting  that 
the  company’s  low-end  offerings 
are  designed  to  be  part  of  bigger 
services  or  systems  deals. 

“The  thing  about  these  [new 
HP]  systems  is  they  are  meant  for 
that  part  of  the  market  where 
people  are  building  out  their 
high-performance  technical  clus¬ 
ters,”  says  Jamie  Gruener.an  ana¬ 
lyst  with  The  Yankee  Group.“They 
want  low-CPU-count  and  low- 
cost  boxes  that  they  can  scale 
out  in  a  clustered  way  They  will 
compete  against  the  white-box 
server  market.” 

The  100  series  is  first  being  intro¬ 
duced  in  Asia,  where  HP  unveiled 
the  ML150  early  last  month.  The 
first  100  series  box  to  be  intro¬ 
duced  in  the  U.S.  will  be  similar  to 
that  server,  HP  says.  While  HP 
wouldn’t  give  specifics  on  the 
server,  the  ML150  comes  with 
256M  bytes  of  memory  expand¬ 
able  to  12G  bytes;  a  36G-byte  hard 
drive,  expandable  to  730G  bytes 
of  internal  storage;  and  a  PC1-X 
Gigabit  network  interface  card. 

HP  wouldn't  say  how  much  the 
ProLiant  100  series  servers  will 
cost;  pricing  for  the  ML150  starts 
at  about  $1,100. 

The  new  ProLiant  100  series 
servers  will  scale  up  to  two 
Ftentium  4  Prestonia  processors 
and  come  in  a  tower  configura¬ 
tion,  the  company  says.  As  a 
means  of  scaling  back  cost  and 
complexity,  the  Ik>x  will  feature 
only  limited  management  capa¬ 
bilities  from  Insight  Manager, 
including  remote  management.lt 
also  will  include  management 
CDs  for  simplified  management 
at  remote  office  locations.® 


General  Mills 

continued  from  page  1 

wireless  security,  data  center  con¬ 
solidation  and  a  wide-reaching  IP 
multicast  infrastructure  that  regu¬ 
larly  puts  high-speed  video  on 
more  than  1 7,000  desktops. 

General  Mills  keeps  things  sim¬ 
ple  by  keeping  everything  the 
same  —  even  when  that  involves 
large-scale  rip-and-replace  pro¬ 
jects.  This  was  the  case  when  the 
company  —  which  owns  the 
Betty  Crocker,  Bisquick  and  Cheer- 
ios  brands  —  made  a  $10  billion 
acquisition  of  Pillsbury  in  2001. 

“Our  goal  was  to  replace  [Pills- 
bury’s]  entire  architecture  with 
the  General  Mills  standard,”  John¬ 
son  says.  That  meant  migrating 
Pillsbury’s  ERP  systems  and  server 
platforms  —  from  IBM  to  Sun  and 
Windows  —  to  SAP  The  project 
also  involved  taking  out  Pillsbury’s 
network  infrastructure,  from  the 
LAN  edge  to  the  backbone,  and 
replacing  it  with  General  Mills’ 
standard  HP  infrastructure. 

While  this  project  was  not  inex¬ 
pensive  —  Johnson  wouldn’t  talk 
about  costs  —  the  switch  is  paying 
off  in  terms  of  efficiency  All  of  Pills¬ 
bury’s  electronic  financial  and 
marketing  data  was  converted  to 
General  Mills’ SAP  in  16  months. 

“We  found  that  having  more 
environments  means  more  com¬ 
plexity  and  more  costs,”  he  says. 

The  efficiencies  of  General 
Mills’  IT  philosophy  are  reflected 
in  its  size:  its  IT  staff  of  700  is 
almost  half  the  size  of  the  indus¬ 
try  average  among  $10  billion- 
plus  food  companies,  according 
to  research  from  the  Grocery 
Manufacturers  of  America. 

The  streamlined  infrastructure 
also  shows  in  the  firm’s  IT  budget. 
On  average  it  spends  .5%  of  its  to¬ 
tal  revenue  each  year  on  IT,  which 
equates  to  about  $52  million. 

This  is  lower  than  the  average 
for  companies  of  General  Mills’ 
size,  according  to  2001  research 
from  Gartner.  The  research  firm 
says  large  companies  —  more 
than  $7  billion  —  spend  on  aver¬ 
age  3.5%  of  their  revenue  on  IT. 

General  Mills  runs  only  two 
instances  of  SAP  —  a  North 
American  instance,  and  an  inter¬ 
national  version.  All  international 
and  North  American  branch 
offices  access  SAP  over  a  frame 
relay  WAN  connected  by  Cisco 
7500  routers.  The  company's 
Minneapolis  data  center  is 
backed  up  in  real  time  over  a 
long-reach  Fibre  Channel  SAN. 

To  simplify  its  data  center, 
General  Mills  also  consolidated 
its  servers  onto  two  core  Super- 
dome  clusters  for  running  SAP 


and  racks  of  HP  blade  servers  for 
other  applications  such  as  file 
and  print,  e-mail  and  multimedia. 

“We  are  taking  advantage  of 
Moore’s  Law  by  putting  in  more- 
powerful  processors  every  18 
months,”  Johnson  says.  This  effort 
has  shrunken  the  space  needed 
for  the  Minneapolis  data  center 
from  12,000  square  feet  to  6,000 
square  feet  in  the  past  two  years. 

For  LAN  switching, General  Mills 
has  standardized  not  only  on  one 
vendor,  but  also  one  product.  HP’s 
ProCurve  5300  modular  LAN 
switch  is  deployed  as  the  stan¬ 
dard  Ethernet  box  throughout 
General  Mills’  infrastructure  — 
from  the  wiring  closets  to  the  dis¬ 
tribution  layer  and  backbone. 
General  Mills  runs  10/100M  bit/ 
sec  to  most  desktops,  with  a  back¬ 
bone  of  4G  bit/sec,  built  on  trunk¬ 
ed  Gigabit  Ethernet  connections. 
ProCurve  5300  switches  even  con¬ 
nect  the  company’s  manufactur¬ 
ing  equipment  with  IP;  this  lets 
General  Mills  gather  real-time 
data  from  production  floors. 

“You  won’t  walk  into  a  closet 
and  find  all  different  types  of  ven¬ 
dor’s  gear  [with]  all  different 
models,”  Johnson  says. 

Two  features  on  the  ProCurves 
that  General  Mills  is  exploiting  are 
802.  IX  security  a  LAN  authentica¬ 
tion  technology  and  IP  multicast, 
a  protocol  for  widespread  stream¬ 
ing  multimedia  IP  applications. 

“Multicast  is  kind  of  old  news," 
Johnson  says, “but  we  love  it.” 

General  Mills  has  IP  multicast 
enabled  across  its  network  to  sup¬ 


port  corporate  and  training 
broadcasts.  Multicasting  across  a 
heterogeneous  network  can  cre¬ 
ate  latency  and  jitter  as  streams 
flow  across  different  types  of 
switches,  he  says.  Having  the  same 
switch  in  all  locations  helps  avoid 
this  problem  without  running 
quality  of  service  on  its  streams. 

“802.  IX  is  a  phenomenal  tech¬ 
nology”  Johnson  says.  General 
Mills  plans  to  deploy  the  802.  IX 
standard  on  its  5300  switches  to 
control  end-user  access  to  the 
network-port  level.  The  802. IX 
security  will  tie  users  to  a  specific 
network  port,  preventing  unau¬ 
thorized  users  without  network 
logons  from  using  resources  such 
as  printers  and  Internet  access. 

Where  802.  IX  is  also  playing  a 
big  part  is  in  General  Mills’  wire¬ 
less  plans.  It  is  deploying  HP’s 
ProCurve  720  Access  Controllers 
and  520  series  wireless  access 
points.  The  Access  Controllers,  or 
wireless  LAN  switches,  centralize 
management  of  wireless  access 
points,  and  use  802.  IX  to  control 
access  to  the  network.  Johnson 
says  this  architecture  is  being 
evaluated  in  two  locations  with 
several  hundred  employees,  with 
plans  for  company-wide  deploy¬ 
ment  over  the  next  few  quarters. 

Most  of  the  time,  switch  mainte¬ 
nance  is  done  remotely  through 
HP  OpenView’s  Network  Node 
Manager  software.  Having  the 
same  switch  in  all  locations  also 
makes  it  easier  to  get  parts  sent  to 
General  Mills’  far-flung  locations. 

“We’re  able  to  manage  most 


networks  in  India  and  Australia 
from  right  here  in  Minneapolis,” 
he  adds. 

While  HP  might  not  be  on  the 
bleeding  edge  of  switch  technol¬ 
ogy  compared  with  high-end 
rivals  such  as  Cisco,  Extreme 
Networks  and  Foundry  Networks, 
Johnson  says  this  is  a  non-factor. 

“We  are  much  more  concerned 
about  network  products  that  work 
as  advertised  than  having  the  lat¬ 
est  features  that  we  probably 
wouldn’t  use  anywayf  he  says. 

Many  IT  industry  analysts  and 
experts  shun  the  idea  of  keeping 
an  entire  network  tied  to  one  ven¬ 
dor,  saying  that  this  practice  locks 
users  in  and  takes  away  negotiat¬ 
ing  leverage.  Johnson  insists  this  is 
not  the  case  at  General  Mills. 

“Having  a  single  vendor  gives 
you  a  lot  of  nice  things,”  says  Bob 
Halfner  director  of  research  at 
Gartner.  But  he  adds  that  many  IT 
buyers  that  become  tied  to  a  sin¬ 
gle  vendor,  and  don’t  shop 
around,  could  be  doing  their 
company  a  disservice. 

Johnson  doesn’t  see  it  that  way 

“Why  wouldn’t  you  bid  IBM  vs. 
HRor  one  network  vendor  against 
another?”  he  says.“No  matter  who 
wins  any  bid, you’ll  have  to  spend 
more  money  to  train  your  staff  on 
those  products,”  he  says.’That  cost 
always  outweighs  the  purchase 
price  of  any  one  item.” 

Johnson  says  General  Mills’ 
tight  relationship  with  HP  gives 
the  company  a  greater  voice  in 
terms  of  technology  develop¬ 
ment.  “HP  listens  to  us.  That  lets 
us  ask  for  things,  and  influence 
how  they  come  to  market  in 
some  ways.” 

Blade  servers  and  WLANs  are 
two  HP  product  areas  where  Gen¬ 
eral  Mills  has  had  influence,  he 
says.“Before  they  ever  had  a  blade 
server  line,  we  had  said  this  is 
something  we  were  interested  in,” 
he  says.  “We  talked  to  their  engi¬ 
neers  and  said, ‘This  is  what  we’re 
thinking  about.’”  That  discussion 
resulted  in  General  Mills  getting  a 
custom-built,  pre-alpha  model  of 
HP’s  current  blade  offerings. 

Johnson  says  his  group  also 
pushed  HP  for  more-robust  Wi-Fi 
products,  which  the  firm  started 
to  introduce  this  year.  “We  realty 
pushed  them  on  getting  wireless 
management  and  security  inte¬ 
grated  into  the  ProCurves,  and 
were  pretty  happy  with  the 
results,”  Johnson  says. 

Going  forward,  Johnson  says  he 
would  like  to  see  better  manage¬ 
ment  software  integration  from 
HP“1  would  like  to  see  one  man¬ 
agement  platform  that  manages 
our  data  center  from  network  to 
servers,"  he  says.  ■ 


(e>  server 

Meet  the  IBM  eServer  BladeCenter™ 

When  the  pieces  sync,  powerful  things  happen.  True  for  humans, 
true  for  BladeCenter.  The  IBM  eServer  BladeCenter  system  integrates 
servers,  networking  and  storage  resources  for  ease  of  management 
and  low  TCO.  From  a  centralized  remote  console,  you  can  deploy 
servers  in  minutes  (not  hours  or  days)!  Scale  out.  Reconfigure  on 
the  fly.  Buy  only  what  you  need,  when  you  need  it.  On  demand. 
Powered  by  the  Intel®  Xeon™  processor. 

eServer:  servers  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/eserver/integration 
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Server,  network  and  storage 
resources  integrate 
to  help  protect  ROI. 

On  demand. 


■ 


Customer  experience  and  savings  will  vary  depending  upon  configuration  and  other  factors.  Blade  servers  for  BladeCenter  are  sold  separately.  IBM.  the  e-business  logo.  eServer  and  BladeCenter  are  trademarks  or  registered  trademarks 
of  International  Business  Machines  Corporation  in  the  United  States  and/or  other  countries.  Intel.  Intel  Inside,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United 
States  and  other  countnes.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2003  IBM  Corporation.  All  rights  reserved. 


Referenced  capabilities  not  available  on  all  models  IBM  eServer  BladeCenter  and  xSeries  systems  require  optional  VMware”  software  For  BladeCenter.  VMware  support  is  provided 
0y  VMware  IBM  the  e  business  logo.  eServer.  BladeCenter  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation  in  the  United  States 
and  or  other  countries  Windows  is  a  trademark  of  Microsoft  Corporation  in  the  United  States,  other  countries,  or  both.  UNIX  is  a  registered  trademark  of  The  Open  Group  in  the 
United  States  and  other  countries  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2003  IBM  Corporation.  All  rights  reserved 


Our  minds  are  cleverly  organized.  Ditto  IBM  eServer.  IBM  eServer  systems 
offer  logical  partitioning  capabilities,  which  help  you  handle  changing  business 
requirements!  On  demand.  IBM  eServer  systems  can  allow  you  to  leverage  your 
server  investments  while  slashing  costs.  You  can  share  resources  across  multiple 
partitions  using  virtual,  dynamic  technologies.  Which  means  you  can  harness 
unused  capacity  at  an  impressive  rate.  Think  about  it. 

eServer:  servers  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/eserver/ondemand 
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Finally,  a  company  that  talks  big  and 
works  bigger.  A  company  that  talks  ROI 
and  actually  delivers.  A  company  that 
provides  real  business  value  you  can 
measure.  A  network  solutions  and 
services  provider  called  NextiraOne. 


TOP"? 


At  NextiraOne,  we  bring  clarity  to  your 
complex  communications  networks. 
Planning,  designing,  implementing, 
supporting  and  managing.  For  voice, 
data  and  converged  infrastructures. 

In  the  United  States  or  around  the 
world.  You  name  it,  we  do  it  -  with 
world-class  results. 


www.NextiraOne.com  (888)  888-1055 


www.nwfusion.com 


10/20/03 


Network.Worid  Qj 


General  Datacomm  resurfaces 

Company  shuns  carrier  banner,  set  to  offer  line  of  enterprise  routers  and  switches. 


■  PROFILE: 


GENERAL  DATACOMM 

Location: 

Naugatuck,  Conn. 

Founded: 

1969 

Business: 

Formerly  a  DSU/CSU  andT-1  multiplexer  vendor  for  carriers,  GDC  is  shifting 
to  enterprise  products  after  emerging  from  Chapter  11  in  September. 

Key 

personnel: 

Howard  Modlin,  chairman  of  the  board;  William  Henry,  vice  president 
and  CFO. 

Employees: 

100 

Fun  fact: 

Naugatuck,  Conn.,  is  not  only  GDC’s  world  headquarters;  it  is  also  where 
naugahyde  was  invented. 

■  BY  PHIL  HOCHMUTH 

General  Datacomm,  once  a  leading  WAN 
equipment  supplier  to  carriers,  recently 
launched  a  new  line  of  enterprise  WAN 
gear  as  part  of  its  comeback  bid  from  its 
2001  bankruptcy 


■  Enterasys  Networks  last  week 

launched  its  Matrix  N-5  chassis,  a 

five-slot  modular  switch  that  includes 
built-in  power  support  for  802.3af 
Power-over-Ethernet  modules.  The 
box  lets  users  deploy  in-line  power 
modules  from  Foundry  Networks 
without  adding  additional  power  sup¬ 
plies  or  battery  equipment  in  a  wiring 
closet.  Enterasys  also  announced  the 
N-Series  Gold  Distributed  For¬ 
warding  Engine,  a  new  line  of  10/ 
100/1000M  bit/sec  modules  that  sup¬ 
port  IPv6,  and  IP  packet  forwarding 
on  the  line  cards.  The  N-Series  Gold 
module  starts  at  $8,500. 

■  3Com  this  week  is  expected  to 
announce  its  Router  3000  series  of 
WAN  router  VPN  boxes  for  small  and 
midsize  companies. The  router,  based 
on  technology  from  3Com's  joint  ven¬ 
ture  with  Huawei Technologies,  can 
be  fitted  with  T-1,  ISDN  and  X.25.  The 
box  can  support  site-to-site  VPN 
encryption  and  firewall  functions  for 
253  users.  Pricing  for  the  Router  3000 
series  starts  at  $900. 

■  Snap  Appliance  this  week 
announced  a  disk  expansion  array  for 
its  midrange  network-attached  stor¬ 
age  appliance.  The  Snap  Disk  10 
connects  to  the  Snap  Server  4500, 
enabling  an  additional  terabyte  of 
storage.  Up  to  two  Snap  Disk  10s 
can  be  connected  to  the  4500.  The 
Snap  Disk  10  consists  of  four  hot- 
swappable  parallel  Advanced 
Technology  Attachment  drives.  The 
Snap  Disk  10  costs  $4,000  and  is 
expected  to  be  available  next  month. 


The  vendor,  which  invented  the  T-1  multi¬ 
plexer,  is  at  least  leaner,  if  not  meaner,  after 
its  time  in  Chapter  1 1  purgatory  And  the 
company  says  its  new  line  of  access 
routers  and  remote-access  concentrators 
could  help  businesses  looking  for  an  alter¬ 
native  to  the  industry  standard  in  WAN  gear 
—  Cisco.  The  company  also  is  developing 
new  technologies  in  industrial  Ethernet 
and  what  it  calls  “T-1  emulation.” 

GDC  started  selling  products  to  AT&T  in 
1969  and  has  sold  hardware  to  carriers 
around  the  world.The  company  which  sold 
the  first  T-1  multiplexer,  made  heavy  invest¬ 
ments  in  ATM  in  the  mid-1990s,  while  its 
competitors,  such  as  Cisco,  Nortel  and 
Lucent,  focused  on  Ethernet  and  optical 
networks. 

“We  made  a  big  bet  on  ATM,  and  we  bet 
wrong,”  says  George  Best,  vice  president  of 
marketing  for  GDC.  He  adds  that  the  tele¬ 
com  crash  in  2001  was  the  final  knockout 
blow  for  the  firm. 

In  October  2001,  the  company  filed  for 
Chapter  1 1  bankruptcy  protection.  Since 
then,  according  to  Best,  the  company  has 
repaid  its  debts  through  restructuring  and 
plant  closures,  while  slimming  down  from 
about  2,000  employees  in  2001  to  a  little 
more  than  100  now. 

GDC  this  month  released  its  InnovoX 


■  BY  JENNIFER  MEARS 

ClearCube  last  week  unveiled  its  latest  PC 
blade,  which  lifts  current  distance  limita¬ 
tions  for  the  devices  by  sending  data  over 
IP  and  supports  multiple-user  access  to  a 
single  blade. 

The  company  introduced  I/Port,  a 
small  device  that  sits  on  a  user’s  desktop 
and  connects  via  standard  network 
devices  to  a  server  room  cabinet  with 
racked  blade  PCs. 

PC  blades  separate  the  intelligence  of 
PCs  from  the  desktop,  placing  the  process¬ 
ing  power  in  data  centers  and  computer 
rooms.  Employees  using  the  devices  have 
only  a  monitor,  keyboard  and  mouse  on 
their  desks,  along  with  a  client  appliance 
that  is  linked  back  to  a  blade  server  cen¬ 
trally  located  in  a  chassis. 

The  benefit  of  PC  blades,  proponents  say, 
is  that  PC  management  is  streamlined  be- 


line  of  enterprise  routers,  remote-access 
and  LAN  switch  gear.  The  InnovoX  plat¬ 
form  is  based  on  a  utility  chassis  that  can 
accept  modules  such  as  SurePath  T-1  and 
T-3  WAN  routing  ports, V.34  modem  aggre¬ 
gation,  LAN  switch  blades  and  FastRoute 
LAN  extension  modules. 

The  InnovoX  FastRoute  modules  let  a 
company  connect  two  remote  sites  with  a 
point-to-point  WAN  link  (such  as  frame 
relay  or  ATM)  and  set  up  a  flat  LAN  be¬ 
tween  both  locations  without  IP  routing 
between  the  two  sites. 

FastSwitch  modules  also  can  be  added 


cause  all  the  hardware  is  consolidated  in 
one  place,  making  it  easier  to  upgrade  soft¬ 
ware  and  deal  with  problems.  Spare 
blades,  which  are  slimmed-down  servers, 
also  can  be  configured  to  provide  hot 
backup  so  that  if  a  system  goes  down,  the 
user  will  not  be  affected. 

Companies  such  as  Avocent  also  sell  PC 
blades,  but  the  market  has  been  slow  to 
take  off  in  large  part  because  most  of  the 
devices  have  demanded  a  direct  cable 
connection  that  is  limited  by  distance. 
ClearCubes  flagship  product,  C/Fbrt,  for  in¬ 
stance,  can  send  signals  over  Category  5 
Ethernet  up  to  660  feet  away  Avocent  can 
send  signals  from  its  Cstation  client  device 
to  a  remote  PC  up  to  about  2,600  feet  away. 

HP  has  said  that  it  is  designing  a  thin- 
client-like  blade  PC  that  will  address  those 
distance  limitations  (www.nwfusion.com, 
DocFinder:  8131)  and,  analysts  say,  likely 
give  the  PC  blade  market  a  boost.  While 


to  the  chassis.  The  nine-  and  18-port 
blades  provide  10/100M  bit/sec  Ethernet 
with  features  such  as  SNMP  support  for 
managing  the  device,  and  media  access 
control  filtering  for  blocking  access  to  cer¬ 
tain  resources  from  specific  ports. 

Because  GDC’s  enterprise  routers  are 
based  on  its  widely  used  carrier  products, 
the  vendor  says  its  gear  is  more  reliable 
than  competing  business  routers.  GDC  says 
its  routers  will  cost  30%  less  than  compara¬ 
ble  products  from  vendors  such  as  Adtran, 
Cisco  and  Nortel.  The  FastRoute  starts  at 
See  General  Datacomm,  page  22 


HP  has  not  detailed  its  plans,  analysts  say 
its  product  likely  will  be  similar  to  I/Port 
and  send  signals  across  a  network. 

With  I/Port,  ClearCube  eliminates  the  dis¬ 
tance  limitation  by  sending  signals  over 
standard  Ethernet  protocol,  enabling  data 
to  be  switched  and  transported  along  with 
regular  network  traffic. 

“One  of  the  problems  that  [ClearCube] 
had  was  the  fact  that  there  were  a  lot  of 
installations  that  didn’t  have  close  proximi¬ 
ty  to  a  raised-floor  environment,  so  they 
couldn’t  do  the  direct  cable  stuff.  Their 
environments  were  set  up  to  be  switched,” 
says  Rob  Enderle,  principal  analyst  for 
Enderle  Group. “To  address  the  broad  mar¬ 
ket  ClearCube  had  to  do  this.” 

1/Fbrt  is  similar  to  C/Port  in  that  both  are 
appliances  that  sit  on  a  user’s  desktop  and 
connect  to  a  Wintel  blade  housed  in  a 
chassis.  The  difference  is  that  while  C/Pbrt 
See  ClearCube,  page  22 


ClearCube  expands  reach  of  PC  blades 
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If  someone  breaks  your  Mustang’s  win¬ 
dow  and  hotwires  the  ignition,  can  you 
sue  Ford  for  damages?  That’s  exactly 
what  Marcy  Levitas  Hamilton  of  Los 
Angeles  is  trying  to  do.  Except  in  her  case, 
it's  Microsoft  that’s  on  the  receiving  end  of 
the  lawsuit. 

Hamilton’s  Social  Security  number  was 
stolen  electronically,  which  enabled  her 
identity  to  be  used  fraudulently  costing 
her  many  thousands  of  dollars. We  can  all 
commiserate  with  Hamilton,  but  it’s  hard 
to  see  where  Microsoft  is  legally  at  fault. 

The  suit  has  three  premises.  First,  Micro¬ 
soft  operating  systems  are  inherently  vul¬ 
nerable  to  attack.  There  is  some  truth  to 


Looking  for  blame  in  all  the  wrong  places 


this,  but  —  depending  on  what  the  attack 
was  (and,  incredibly  the  suit  does  not  spec¬ 
ify  this)  —  so  are  other  operating  systems. 
Her  lawyer  offers  only  anecdotal  evidence. 

The  second  premise  is  that  the  plaintiff, 
essentially,  was  forced  to  buy  Microsoft  soft- 
ware.This  certainly  will  come  as  late-break¬ 
ing  news  to  all  of  the  users  of  Macintoshes, 
NetWare  servers,  Unix  and  Linux  hosts  and 
desktops. 

The  final  premise  is  that  even  though 
Microsoft  has  issued  numerous  security 
bulletins  warning  people  about  vulnerabil¬ 
ities,  they  are  both  too  numerous  and  too 
hard  to  understand  for  the  average  com¬ 
puter  user.  Of  course,  if  Microsoft  hadn’t 
issued  the  bulletins  that  fact  would  have 
constituted  the  third  premise.  Darned  if 
you  do,  darned  if  you  don’t. 

There  are  a  number  of  people  responsi¬ 
ble  for  Hamilton’s  losses.  First,  of  course,  is 
the  actual  identity  thief.  This  person  com¬ 
mitted  a  crime  and  should  pay  for  it.  The 


person  probably  doesn’t  have  as  much 
cash  in  the  bank  as  Microsoft,  though.Then 
there  are  the  banks  and  others  who  accept¬ 
ed  “proof”  of  identity  without  adequate 
safeguards  to  determine  that  the  person 
presenting  credentials  really  wasn’t  Ham- 
ilton.That’s  most  likely  gross  negligence. 

If  the  theft  of  identity  occurred  at  a  third- 
party  site  (ISP  or  commercial  Web  site), 
then  that  company  bears  some  responsi¬ 
bility  But  Hamilton  has  to  shoulder  some 
of  the  blame.The  suit  appears  to  admit  that 
she  didn’t  bother  reading  and  following 
the  security  bulletins. 

If  I  were  the  judge  that  would  be  suffi¬ 
cient  cause  to  throw  the  suit  out.  I  simply 
cannot  believe  that  anyone  who  can  oper¬ 
ate  a  PC  would  have  difficulty  following 
instructions  that  said,  in  essence,  “Down¬ 
load  this  file.  Run  it.” 

Hamilton’s  lawyer  is  seeking  to  make  this 
a  class-action  suit.  But  of  all  the  things  this 
suit  lacks,  the  most  obvious  is  class. 


Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 
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Check  Point  gets  into  appliance  business 


■  BY  TIM  GREENE 

Check  Point  —  formerly  a  software-only 
company  —  now  offers  two  lines  of  low- 
end  VPN-firewall  appliances  for  branch 
offices  and  home  offices. 

One  line,  Safe@Office,  will  take  over  for 
the  home  office  appliances  made  by 
Check  Pbint  subsidiary  Sofaware,  which 
will  no  longer  sell  appliances,  but  rather 
will  develop  Check  Point  software  specifi¬ 
cally  for  small,  low-end  VPN  firewalls. 

This  small  office/home  office  line  con¬ 
sists  of  four  boxes  in  the  Safe@Office  fami¬ 
ly  that  cost  between  $300  and  $600,  and  the 
branch-office  devices  include  three  Edge  X 
Series  boxes  and  one  Edge  S8  model  rang¬ 
ing  from  $400  to  $2,000.  The  Safe@Office 
devices  are  manageable  via  a  Web  GUI, 
making  them  better-suited  to  smaller  oper¬ 
ations  where  less-sophisticated  staff  might 
have  to  care  for  them. 

The  branch-office  line  consists  of  VPN-1 
Edge  family  S  and  X  boxes,  which  are  man¬ 
ageable  via  Check  Paint’s  enterprise  Smart- 
Center  software,  its  service  provider  Pro¬ 
vider-1  software  and  SNMP-compliant  plat¬ 
forms,  making  them  suitable  for  companies 
with  small  offices. 

The  S8  costs  $400,  has  a  four-port  LAN 
switch. and  a  single  WAN  port, a  22M  bit/sec 
firewall  and  3M  bit/sec  VPN  encryption. 

The  X16  costs  $800,  has  an  80M  bit/sec 
firewall  and  greater  than  20M  bit/sec  VPN 
encryption. The  X32  costs  $1 ,200,  and  has  a 
150M  bit/sec  firewall  and  greater  than  20M 
bit/sec  VPN  encryption.  The  XU  costs 
$2,000,  and  has  a  150M  bit/sec  firewall  and 
30M  bit/sec  VPN  encryption.  Each  X-series 
box  has  a  four-port  LAN  switch, a  WAN  port 
and  a  second  port  that  can  be  configured 
to  connect  to  another  X  box  for  high  avail¬ 
ability  or  to  a  second  WAN  link,  for  back-up 
Internet  connectivity. 


Check  Point  compares  the  VPN-1  Edge 
gear  to  NetScreen  Technologies’  5GT  Plus 
and  Cisco’s  PIX  501.  They  also  can  be 
compared  with  appliances  made  by 
Check  Point  partner  Nokia,  such  as  its  IP 
130  and  330. 

The  VPN-1  Edge  appliances  are  of  interest 
to  sign  maker  Everbrite  in  Greenfield,  Wis., 
because  they  could  reduce  support  of  VPN 
users,  says  Cindi  Herzog,  the  company’s 
data  communications  administrator.  The 
company  now  uses  Check  Fbint  client  soft¬ 
ware  on  remote  PCs  to  connect  to  the  com¬ 
pany’s  Check  Point  VPN-l/Firewall-1  server 
that  protects  headquarters. 

An  appliance  would  let  multiple  PCs  at  a 
site  connect  to  the  VPN,  she  says,  adding 
that  appliances  made  by  Check  Point  part¬ 
ners  work  well  because  the  companies’ 
products  are  well-integrated  with  Check 
Point  gear. 

Check  Fbint  compares  the  Safe@Office 
family  to  Cisco  PIX  501,  SonicWall  SOH03 
and  WatchGuard  Technologies  SOH06TC. 


ClearCube 

continued  from  page  21 

demanded  a  direct  Cat  5  cable  link,  l/Fbrt 
can  connect  to  its  blade  over  switches, 
hubs  or  other  network  equipment.  In  addi¬ 
tion,  while  C/Fbrt  connects  to  a  dedicated 
PC  blade,  up  to  four  1/Fbrts  can  share  a  sin¬ 
gle  server. 

Enderle  notes  that  sharing  servers  and 
running  signals  over  IP  could  result  in  per¬ 
formance  hits. 

"What  this  is,  is  one  IP  device  talking 
back  to  the  blade  and  connecting  to  the 
blade  virtually  as  opposed  to  physically. 
That’s  what  allows  it  to  be  switched.  The 
advantage  is  you  can  switch  it.  The  trade¬ 
off  is  that  now  you’re  dependent  on  net- 


They  are  also  comparable  to  Nokia’s  IP  130 
and  330. 

Meanwhile,  Nokia  has  announced  its  own 
group  of  appliances  based  on  the  same 
VPN-1  Embedded  NG  software  that  runs  the 
Safe@Office  appliances.  The  four  new  No¬ 
kia  boxes  are  IP40  Tele  8  for  $550;  IP40  Sat¬ 
ellite  16  for  $800;  1P40  Satellite  32  for$l,200; 
and  IP40  Satellite  Unlimited  for  $2,000. 

The  new  Check  Fbint  appliances  can 
make  things  simpler  for  customers,  says 
Mark  Bouchard,  an  analyst  with  Meta 
Group.  Rather  than  have  Check  Fbint  soft¬ 
ware  on  an  appliance  made  by  another 
vendor,  customers  can  buy  it  on  an  appli¬ 
ance  that  Check  Fbint  makes.“It’s  one  appli¬ 
ance  and  one  vendor,  not  two  vendors  you 
have  to  deal  with.  No  finger-pointing 
allowed,”  he  says. 

He  adds  that,  financially  the  move  by 
Check  Fbint  is  risky  because  software-only 
companies  earn  higher  margins  than  hard¬ 
ware  companies, so  the  stock  market  might 
not  respond  well  to  the  idea.H 


working  load,”  he  says. “You  have  network 
load  you  have  to  take  into  account  and 
you  do  get  some  degradation  of  overall 
performance.” 

Raj  Shah,  chief  marketing  officer  for 
ClearCube,  says  the  idea  is  to  provide  an 
option  for  users  who  don’t  need  the  high- 
performance  processing  power  that  exist¬ 
ing  customers  such  as  Morgan  Stanley 
and  British  Petroleum  demand.  By  letting 
four  1/Fbrts  connect  a  single  blade,  the 
cost  for  the  PC  blades  is  reduced,  he  says. 

The  I/Fbrt  will  be  available  in  the  fourth 
quarter.  Pricing  for  a  ClearCube  deploy¬ 
ment  is  based  on  volume,  but  an  average¬ 
sized  deployment  of  the  I/Fbrt  and  blade 
PCs  would  cost  about  $900  per  user  if  mul¬ 
tiple  users  shared  each  blade,  he  says.  ■ 


General  Datacomm 
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$1,000  and  the  FastSwitch  costs  $800  for  a 
nine-port  blade. 

While  GDC’s  initial  products  are  of  the 
bread-and-butter  variety,  the  firm  —  which 
has  1,250  patents  —  has  plans  to  branch 
out,  according  to  Best. 

Industrial  Ethernet  is  one  area  in  which 
GDC  plans  to  launch  a  new  product  over 
the  next  few  quarters.The  firm  plans  to  roll 
out  Ethernet  switch  products  that  can 
bridge  protocol  gaps  between  factory  and 
industrial  automation  equipment  and  IP 

Similar  to  broadband  or  DSL.T-1  emula¬ 
tion  technology  involves  putting  the  equiv¬ 
alent  of  a  64-channel  T-l  over  a  pair  of 
plain  old  telephone  service  (POTS)  cop¬ 
per  wires.  Best  says  this  technology  could 
let  a  company  cut  costs  by  crunching 
more  data  over  less-expensive  POTS  lines 
instead  of  leasing  expensive  T-l  links. 

While  GDC  might  have  grand  plans,  one 
analyst  says,  breaking  into  a  market  domi¬ 
nated  by  one  well-known  player  will  be 
tough  —  but  not  impossible. 

“[GDC’s]  biggest  challenge  is  that  they 
did  not  have  an  enterprise  focus  before,” 
says  Lawrence  Orans,  principal  analyst  at 
Gartner. 

The  most  important  factor  when  a  com¬ 
pany  moves  from  a  carrier-focus  to  the 
enterprise  is  to  establish  its  sales  and  distri¬ 
bution  channels,  he  says. 

“The  problem  they  face  is  how  to  get 
their  products  into  the  sales  channels, 
when  all  the  distributors  are  selling  is 
Cisco,”  Orans  says. 

The  other  big  challenge,  he  says,  is  talking 
enterprise  IT  executives  out  of  buying 
Cisco. 

“There’s  a  perceived  risk  in  not  going 
with  Cisco,  at  least  for  WAN  infrastructure,” 
Orans  says.  While  some  firms  integrate  mul¬ 
tiple  vendors  gear  in  a  WAN,  he  adds, “it’s 
just  not  commonly  done."  ■ 


>10:45  pm.  Account  Manager  Erin  Bliss  finishes  Advanced  Linux  Volume  IX. 
Meanwhile,  husband  Gary  begins  XP  For  Dummies. 
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Take  control  of  your  Internet  security. 


Introducing  Proventia'“  Enterprise  Protection  Products.  Just  because  Internet  threats  are 
complex,  doesn't  mean  your  security  has  to  be.  Finally,  a  single,  unified  protection  appliance 
that  protects  more  with  less,  eliminating  the  cost  and  chaos  of  multiple  stand-alone  security 
products.  Proventia”  centrally-managed  products  range  from  detection  up  to  completely 
unified  and  proactive  multi-function  protection  appliances,  combining  firewall,  intrusion 
prevention  and  anti-virus  technologies.  Take  control  of  your  enterprise  security.  Switch  to 
Internet  Security  Systems  today.  800-776-2362.  www.iss.net/takecontrol. 
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Vendors  bolster  anti-spam  packages 

FrontBridge,  MailFrontier  use  different  tactics  to  combat  spam. 


■  BY  CARA  GARRETSON 

More  anti-spam  vendors  are  expanding 
their  offerings  beyond  blocking  unwanted 
e-mail,  as  FrontBridge  Technologies  pro¬ 
motes  its  disaster-recovery  services  and 
MailFrontier  adds  fraud  protection  to  its 
anti-spam  software. 

FrontBridge,  which  has  provided  disaster 


■  IBM  last  week  agreed  to  buy 
CrossAccess,  an  integration  soft¬ 
ware  developer  whose  technology 
IBM  plans  to  incorporate  into  its  DB2 
Information  Integrator  product. 
Financial  terms  of  the  deal  were  not 
disclosed.  IBM  and  CrossAccess 
already  were  working  together,  and 
CrossAccess’  eXadas  technology  is 
certified  for  use  with  IBM's  DB2 
Information  Integrator.  EXadas  is 
intended  to  help  companies  link  data¬ 
bases  stored  on  mainframes  with 
modern  applications,  allowing  access 
to  legacy  information.  IBM  will  con¬ 
tinue  selling  and  supporting  eXadas 
as  it  decides  how  best  to  combine 
the  technology  with  its  own  data 
integration  software,  the  company 
says.  CrossAccess'  software  and 
personnel  will  become  part  of  IBM’s 
Data  Management  Software  group, 
led  by  General  Manager  Janet  Perna. 

■  Thor  Technologies  and  bea 

Systems  said  last  week  they  are 
integrating  their  provisioning  and 
application  security  software, 
respectively,  to  provide  companies 
with  tighter  control  over  assigning 
and  maintaining  end-user  access 
rights  to  corporate  resources.  Thor's 
Xellerate  provisioning  software  lets 
companies  automatically  set  up 
accounts  across  corporate  systems, 
while  BE A's  recently  released 
WebLogic  Enterprise  Security  plat¬ 
form  provides  security  services  such 
as  single  sign-on  and  rules-based 
authorization. 


recovery  to  customers  of  its  anti-spam, anti¬ 
virus  and  policy  enforcement  services,  is 
making  the  service  available  separately 
starting  at  $345  per  month.  Recent  events, 
such  as  Hurricane  Isabel  and  the  August 
blackout,  spurred  interest  in  FrontBridge’s 
service,  which  will  queue  mail  for  up  to  five 
days  when  a  company’s  servers  are  un¬ 
available,  says  Dan  Nadir,  vice  president  of 
product  management.  FrontBridge  routes 
clients’ e-mail  through  its  eight  data  centers 
in  the  U.S.and  Europe. 

FrontBridge  also  announced  technology 
in  its  anti-spam  service  that  detects  spam 
not  by  a  message’s  content,  but  by  the  orig¬ 
inating  IP  address.  Called  Real  Time  Attack 
Prevention,  this  addition  to  FrontBridge s 
anti-spam  service  detects  IP  addresses  that 
send  out  spam  and  rejects  those  messages, 
Nadirsays.lt  is  available  to  FrontBridge  cus¬ 
tomers  at  no  additional  charge.  Front¬ 
Bridge’s  message  hosting  services  compete 
with  other  enterprise  offerings  such  as 
those  from  Fbstini  and  MessageLabs. 


■  BY  JOHN  FONTANA 

Hoping  to  provide  network  executives 
with  tools  to  support  service-oriented 
architectures, Westbridge  Technology  next 
month  plans  to  upgrade  its  Web  services 
middleware  to  promote  reuse  of  compo¬ 
nents  built  with  the  emerging  technology. 

With  Version  3.0  of  XML  Message  Server, 
users  will  be  able  to  tailor  a  single  Web 
service  for  access  through  a  variety  of 
clients  and  protocols,  the  company  says. 

Westbridge  has  added  to  its  Service  View 
technology  the  capability  to  make  a  Web 
service  available  to  a  user  based  on  a  pro¬ 
file.  A  service  view  aggregates  a  number  of 
Web  services  into  a  single  access  point  on 
XML  Message  Server. 

Service  View  sits  between  a  client  and 
the  back-end  services  connected  to  it, and 
brokers  communication  such  as  format 
transcoding  and  security. 

The  profile  shows  if  a  user  is  accessing 
the  Web  service  via  a  portal,  a  desktop 
application  or  an  extranet,  and  the  proto¬ 
cols  he  is  using,  including  HTTP  and 


While  spammers  might  be  able  to  mask 
their  identity  in  an  e-mail,  they  cannot 
misrepresent  the  IP  address  from  which 
they  send  messages,  Nadir  says.  When 
FrontBridge  detects  an  IP  address  send¬ 
ing  out  large  volumes  of  e-mail  and  that 
address  is  not  associated  with  a  valid 
organization,  the  service  flags  the  IP 
address.  If  FrontBridge  sees  the  only  e- 
mail  originating  from  that  address  is 
spam, all  incoming  mail  from  that  address 
is  rejected,  Nadir  says. 

The  service  will  only  block  IP  addresses 
that  are  sending  out  spam  exclusively; 
e-mailers  at  IP  addresses  that  send  some 
spam  and  some  legitimate  e-mail  will  not 
be  flagged  to  avoid  blocking  wanted 
mail,  Nadir  says.  “This  tool  is  only  useful 
for  really  egregious  spam  houses  that  are 
pumping  out  millions  of  e-mails  all  da^’ 
he  says.  Nonetheless,  these  spammers  are 
responsible  for  the  majority  of  junk  e-mail 
received  today 

MailFrontier,  which  develops  anti-spam 


Secure-HTTP  The  profile  also  dictates 
security  through  support  of  various 
authentication  methods,  including  a 
directory  based  on  Lightweight  Directory 
Access  Protocol,  or  by  accepting  Security 
Access  Markup  Language  tokens.  Users 
also  can  monitor  and  audit  the  activity  on 
each  service  view. 

“Web  services  management  products 
should  help  companies  compose  fine¬ 
grained  Web  services  into  coarse-grained 
business  services,”  says  Jason  Bloomberg, 
an  analyst  with  ZapThink.  He  says  West- 
bridge  does  that  with  its  XML  Message 
Server,  letting  Westbridge  provide  man¬ 
agement  for  a  service-oriented  architec- 
ture.“Westbridge  is  the  first  to  really  deliv¬ 
er  on  this  with  its  service  views.”The  com¬ 
pany  competes  with  vendors  such  as 
Actional,  Amberpoint  and  Digital 
Evolution. 

Also  in  XML  Message  Server  3.0, 
Westbridge  has  added  Smart  Parser, a  mes¬ 
sage  acceleration  technology  that  pro¬ 
cesses  XML  messages  using  streaming 

See  Westbridge,  page  28 


Grime  that  pays 

identity  theft,  which  is 
one  goal  of  fraudulent 
e-mail  scams,  is  the 
fastest-growing  crime 
in  the  U.S. 

SOURC-t  FEDERAL  TRADE  COMMISSION 


client  and  gateway  software,  is  expanding 
its  repertoire  with  the  addition  of  anti¬ 
fraud  software  to  its  Matador  3.5  client 
program. 

The  software  employs  a  number  of 
methods  to  detect  fraudulent  e-mails, 
messages  sent  under  the  guise  of  a  valid 
company  that  include  a  form  or  that 
direct  recipients  to  a  Web  site  where 
they’re  asked  to  input  personal  informa¬ 
tion,  such  as  bank  account  or  Social 
Security  number,  so  their  identity  can  be 
stolen.  Matador  examines  incoming 
e-mail  for  indicators  of  fraud,  such  as 
included  links  to  an  invalid  Web  site  or 
emails  with  embedded  forms  for  recipi¬ 
ents  to  fill  out,  says  Gleb  Budman,  Mail- 
Frontier’s  director  of  product  manage¬ 
ment.  If  enough  indicators  exist,  a  mes¬ 
sage  will  be  sent  to  the  user’s  fraud  folder. 

As  more  email  fraud  is  committed,  more 
anti-spam  vendors  will  add  anti-fraud  capa¬ 
bilities  to  their  offerings,  says  Masha 
Khmartseva.a  senior  analyst  with  The  Radi- 
cati  Group.“We’re  just  at  the  very  beginning; 
[email  fraud]  is  going  to  be  a  big  trend," 
she  says. 

But  technology  alone  won’t  solve  the 
problem. “You  have  to  educate  your  users” 
about  these  kinds  of  threats,  she  says, 
adding  that  most  users  aren’t  sophisticated 
enough  to  tell  when  email  is  truly  coming 
from  a  company  vs.  when  a  spammer  is 
masquerading  as  a  company. 

MailFrontier’s  anti-spam  gateway  com¬ 
petes  with  products  from  Brightmail, 
Tumbleweed  Communications  and 
Cloudmark.The  company’s  Matador  desk¬ 
top  software  competes  with  programs 
from  ContentWatch,  Cloudmark,  Sunbelt 
and  others. 

Matador  3.5  will  be  available  in 
November  for  $29.95.  MailFrontier  plans  to 
add  an  anti-fraud  module  to  its  gateway 
software  late  this  year  or  early  next  year.  ■ 
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services  access  tool 
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Authentication  upgrade  on  tap  from  Funk 

New  version  of  Steel-Belted  RADIUS  supports  Cisco  PEAP  and  Active  Directory. 


■  BY  TIM  GREENE 

Funk  Software  is  introducing  upgraded 
software  that  lets  Cisco  gear  users  authenti¬ 
cate  and  gain  access  to  wireless  networks  via 
Funk’s  RADIUS  servers. 

The  Steel-Belted  Radius  Version  4.5  sup¬ 
ports  Cisco’s  version  of  Protected  Extensible 
Authentication  Protocol  (PEAP),  the  proto¬ 
col  Cisco  uses  to  securely  transport  authenti¬ 
cation  data,  including  passwords,  over  802.1 1 
wireless  networks  without  requiring  digital 
certificates  from  clients. 

RADIUS  servers  sit  at  the  edge  of  corporate 
LANs,  where  their  directories  can  be  used  to 
authenticate  users  and  where  they  also 
define  access  privileges  and  keep  track  of 
when  users  log  on.  PEAP  is  one  of  several 
authentication  protocols  wireless  equipment 
vendors  use  to  secure  access  to  wireless  net¬ 
works  such  as  Microsoft  PEAREAP-TLS,  EAP- 
Tunneled  Transport  Layer  Security  (TTLS), 
Lightweight  EAP  (LEAP)  and  EAP-MD5. 

Before  this  software  release  from  Funk, 
users  needed  a  Cisco  RADIUS  server  or  one 
from  another  vendor  supporting  Cisco  LEAP 
such  as  Meetinghouse  Communications  and 
Interlink. 

This  feature  might  become  essential  to 
Spurs  Sports  &  Entertainment,  the  company 
that  runs  the  San  Antonio  Spurs  basketball 
team  and  the  SBC  Arena,  says  Brandon  San 
Miguel,  network  engineer  for  the  company. 
Spurs  Sports  &  Entertainment  is  considering 
wireless  access  from  within  the  arena  to 
TicketMaster  servers  for  fans  within  the 
building. Wait  staff  serving  fans  in  the  first  10 
rows  would  use  it  to  place  food  and  drink 


orders  and  pass  credit  card  information, San 
Miguel  says. 

Cisco’s  PEAP  plugs  a  gap  for  Cisco  users, 
but  in  the  long  term  other  authentication 
protocols  not  tied  to  a  single  vendor  likely 
will  dominate,  according  to  a  Meta  Group 
study“Users  may  consider  LEAP  as  a  tactical 


Narrowing  options 

By  the  middle  of  2004,  only 
one  or  two  versions  of 
Extensible  Authentication 
Protocol  will  be  used  widely 
in  802.1x  wireless  networks, 
creating  a  de  facto 
standard. 

SOURCE:  META  GROUP 


short-term  solution,  but  they  should  ulti¬ 
mately  move  to  deploy  an  EAP  type  of  solu¬ 
tion  that  is  not  tied  to  a  specific  vendor’s 
hardware,”  the  study  says. 

Meanwhile,  the  Spurs  organization  jumped 
on  another  feature  of  the  new  Steel-Belted 
RADIUS  release  that  supports  better  integra¬ 
tion  with  Microsoft  Active  Directory  and 
Windows  NT  Domains.  Remote  users  who 
log  on  via  SonicWall  VPN  gear  in  the  Spurs’ 
network  are  authenticated  by  Active 
Directory  via  the  Funk  RADIUS  server.  So 
rather  than  storing  a  list  of  user  authoriza¬ 
tions  on  the  VPN  gear  or  RADIUS  server,  Steel- 


Belted  Radius  passes  requests  through  to 
Active  Directory 

Previously,  the  Funk  software  would  not 
check  for  a  single  user  in  different  Active 
Directory  groups. That  could  result  in  a  user 
being  authenticated  to  whatever  group 
Active  Directory  came  across  first,  which 
might  not  be  the  group  with  which  the  user 
was  trying  to  log  on. 

San  Miguel  says  this  feature  makes  it  unnec¬ 
essary  for  authentication  lists  to  be  created 
on  the  SonicWall  gear  or  within  Steel-Belted 
Radius  for  the  roughly  50  VPN  users.  Instead, 
the  authentication  is  passed  through  to  the 
Active  Directory,  which  will  check  all  entries 
for  each  user,  San  Miguel  says. 

Other  new  features  in  Steel-Belted  Radius 
4.5  include: 

•  Support  for  keeping  track  of  wireless 
users  by  name  even  when  they  log  on  anony¬ 
mously.  The  software  now  peers  inside  Funk’s 
TTLS  tunnels  to  see  actual  user  identities  for 
tracking  and  possible  billing  of  users. 

•  Reporting  tools  to  better  parse  log  files 
into  useful  data  such  as  numbers  of  failed 
logon  attempts  by  a  user  and  more  details  on 
why  users  are  rejected. 

•  Redirection  for  users  whose  logon 
attempts  are  rejected.  This  integrates  with 
third-party  software  to  let  administrators 
divert  a  user  to  a  secure  Web  site  where  they 
can,  for  example,  reset  a  password  so  they 
successfully  can  log  on. 

Steel-Belted  Radius  costs  $4,000  for  the 
Enterprise  edition  and  $10,000  for  the  Global 
Enterprise  edition.  Upgrades  for  current  cus¬ 
tomers  cost  $1,400  and  $3,500,  respectively, 
for  the  two  editions.  ■ 


Keynote  pack  manages  streaming  media 


SSH  boosts 

e-commerce 

security 

■  BY  ELLEN  MESSMER 

SSH  Communications  Security 
next  month  plans  to  release  its 
Tectia  product  suite  for  securing 
access  to  proprietary  e-com¬ 
merce  applications  by  making 
use  of  the  IETF  standard  Secure 
Shell  Protocol  instead  of  the 
Web-based  encryption  standard 
Secure  Sockets  Layer. 

Tectia’s  server-based  software 
will  use  SSH  to  authenticate  and  J 
encrypt  CRM  and  ERP  systems.  It 
is  expected  to  provide  single  | 
sign-on  support  to  multiple  back¬ 
end  applications  after  the  user, 
who  must  have  the  SSH  Tectia 
desktop  client  software,  has  j 
authenticated  once  via  password 
or  stronger  authentication,  such  j 
as  smart  cards  or  encryption- 
based  hardware  tokens. 

“SSL  requires  the  applications 
to  be  fully  Web-enabled.  This 
doesn’t,”  says  SSH  Communica¬ 
tions’  CEO  George  Adams,  noting 
the  Tectia  software  will  start  at 
$15,000.  “We  are  taking  the 
underlying  Secure  Shell  Protocol 
so  it  can  be  this  mechanism  for  j 
hundreds  of  thousands  of  user 
systems,  while  also  enforcing 
security  policy  for  them  via  the 
Tectia  manager.” 

Until  now,  system  administra¬ 
tors  more  often  have  used  the 
SSH  protocol  as  freeware  or  com¬ 
mercial  software  to  securely 
access  remote  systems.  SSH  Com-  ! 
munications  says  Tectia  will  | 
broaden  the  use  of  SSH  so  it  can 
provide  end-to-end  security  in 
business  applications  without 
having  to  alter  them  for  Web- 
based  access. 

The  Tectia  Management  Server, 
which  runs  on  any  midrange 
Intel-compatible  or  Sun  Sparc 
computer,  gathers  logs  on  auth¬ 
entication  and  application  ac¬ 
cess  to  the  Tectia  servers.  The 
manager  station  also  can  config¬ 
ure  the  servers  and  set  group 
policies. 

As  an  option,  SSH  Communica¬ 
tions  is  providing  server-based 
software  that  can  check  the  valid¬ 
ity  of  public-key  infrastructure 
digital  certificates  in  business  en¬ 
vironments  that  want  to  rely  on 
multi-vendor  certificates  as  the 
means  for  proving  identity 

In  the  area  of  SSH  commercial 
software,  SSH  Communications 
competes  with  F-Secure  and 
VanDvke  Software.  ■ 


■  BY  JASON  MESERVE 

Keynote  Systems  last  week 
rolled  out  a  streaming  media 
performance  management  ser¬ 
vice  that  lets  customers  check 
the  performance  of  any  stream¬ 
ing  offering,  whether  it’s  live  or 
on-demand,  from  14  points 
around  the  globe  —  nine  in  the 
U.S.and  five  abroad. 

Streaming  Perspectives  3.0  is 
essentially  a  rebranded  release 
of  technology  from  Stream- 
check  —  a  company  Keynote 
acquired  in  July  —  with  an 
expanded  footprint  and  that 
replaces  the  monitoring  system 
Keynote  had  in  place  before  the 
acquisition,  says  Shai  Berger, 
general  manager  of  streaming  at 
Keynote  and  former  president 
of  Streamcheck. 

One  change  that  customers 
will  notice  is  the  way  they 
access  the  Web-based  manage¬ 


ment  and  reporting  interface. 
Previously,  Keynote  provided 
access  to  both  its  streaming 
and  Web  performance  tools 
through  one  interface.  Now 
Streaming  Perspectives  will 
have  its  own  interface  geared 
toward  streaming. 

“[The  previous  version]  suf¬ 
fered  a  bit  because  it  was  not 
streaming-centric  in  attempt  to 
mold  everything  into  one  inter¬ 
face,”  Berger  says.  “Now  we’re 
designed  for  streaming  and 
streaming  only 

By  using  the  service,  cus¬ 
tomers  can  see  how  well  their 
streaming  offerings  are  per¬ 
forming. 

Keynote  tests  a  target  site  or 
file  throughout  the  day  to  gath¬ 
er  statistics  such  as  initial  con¬ 
nect  time,  buffer  time  and 
whether  any  rebuffering 
occurs.  Data  from  all  the  test 
sites  is  aggregated  and  present¬ 


ed  in  numerous  ways  through 
the  Web  interface  or  can  be 
downloaded  using  XML  and 
integrated  into  a  content-man¬ 
agement  system. 

The  pricing  for  Streaming  Per¬ 
spectives  3.0  also  has  changed. 
Previously,  a  flat  rate  fee  covered 
any  URL  that  needed  to  be  mon¬ 
itored.  Now  a  basic  monitoring 
package  that  requires  users  to 


provide  Keynote  with  the  URLs 
to  be  monitored  starts  at  $250 
per  month. 

Customers  who  want  to  enter 
their  own  URLs,  and  start  and 
stop  tests,  can  sign  up  for  the 
Diagnostic  Services,  which  starts 
at  $650  per  URL  monitored  up  to 
75K  bit/sec.  Any  stream  that 
exceeds  75K  bit/sec  is  assessed  a 
surcharge.  ■ 
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The  right  management  should  do  more  than  just  protect. 

It  should  also  enable. 

eTrust"  Security  Management  Software 

In  the  world  of  on-demand  computing,  it's  vital  that  your  IT  environment  be  both  secure  and  accessible.  That's  why  it's  essential  that  you  have 
the  right  security  management  software.  With  eTrust  security  management  software,  you  get  the  very  best  in  access,  identity,  and  threat 
management  all  seamlessly  integrated  with  your  existing  technology.  On  the  one  hand,  you  can  rest  assured,  knowing  that  your  information  is 
safe  from  prying  eyes.  At  the  same  time,  you  don't  have  to  worry  about  partners,  customers  or  employees  being  locked  out  of  areas  that  they 
need  to  access  to  optimize  business.  Best  of  all,  eTrust  can  give  you  a  single  view  of  your  entire  enterprise,  putting  you  in  complete  control.  As 
a  result,  you  can  make  real-time  decisions  based  on  comprehensive  information.  So  if  you're  looking  for  ways  to  minimize  risk  while  maximizing 
your  potential,  or  to  get  a  white  paper,  go  to  ca.com/security.  _ 
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Consider  the  following  scenario: You 
are  the  CEO  of  a  3-year-old  start-up 
company  in  the  business  of  develop¬ 
ing,  according  to  your  Web  page  “entertain¬ 
ment  technology  that  guards  the  content 
ownership  rights  of  publishers,  artists  and 
record  companies  without  getting  in  the 
way  of  the  listening  experience.”Your  prod¬ 
uct  has  just  been  adopted  by  a  major  com¬ 
pany  in  your  area  and  has  started  shipping 
to  great  publicity.  The  product  seems 
almost  too  good  to  be  true  and,  if  the 
reports  are  to  be  trusted,  everyone  loves  it. 
The  future  looks  bright  indeed. 

Then  along  comes  some  geek  who  tells 
the  world  that  your  technology  can  be  de¬ 
feated  with  the  little  finger  of  the  left 


Reach  for  the  stupid  juice 


hand.  Not  only  does  the  emperor  have  no 
clothes,  the  underwear  is  also  missing. 
What  should  you  do?  It  is  far  too  late  to 
have  developed  a  product  that  did  what 
the  hype  said  it  would  do.  You  are  in  a 
bind. The  future  of  the  company  depends 
on  your  next  move.  If  you  are  the  CEO  of 
SunnComm,  you  reach  for  the  stupid 
juice  and  take  a  big  swig. 

When  this  story  broke  it  was  hard  to 
believe.  A  brand-new  copy-protection 
scheme,  shipped  with  great  fanfare  on  a 
new  music  CD  distributed  by  one  of  the 
biggest  companies  in  the  music  business, 
could  be  defeated  by  holding  down  the 
shift  key  when  inserting  the  CD  into  a  PC. 
How  could  any  company  be  so  clueless  as 
to  think  that  this  would  not  be  very  quickly 
figured  out  and  the  exploit  would  become 
instantly  well  known?  When  I  first  heard  of 
it  1  dismissed  the  story  as  untrue  because  it 
was  just  too  improbable. 

But  a  day  or  so  later  comes  the  bomb¬ 
shell.  It  turns  out  that  the  story  was  true. 


Not  only  was  the  story  true,  but  the  CEO 
of  SunnComm,  the  company  that  devel¬ 
oped  the“protection"system,was  going  to 
sue  the  student  who  revealed  the  work¬ 
around.  (I  have  to  put  the  word  “protec¬ 
tion”  in  quotes  because  they  must  have  a 
different  definition  of  the  word  than  1  do.) 
He  said  the  company  was  going  to  sue 
the  student  for  maligning  its  reputation 
and  refer  the  case  to  federal  authorities 
because  the  student  violated  the  Digital 
Millennium  Copyright  Act’s  (DMCA)  pro¬ 
bation  of  distributing  tools  for  circum¬ 
venting  copy-protection  systems.  (The 
CEO  must  have  thought  the  student  was 
shipping  out  boxes  of  little  plastic  fingers 
to  be  used  to  push  the  shift  key.) 

I  suppose  that  there  could  be  a  more  per¬ 
fect  example  of  what  is  wrong  with  the 
DMCA  and  the  companies  that  support  it 
than  this  case,  but  it  would  take  some  real 
expertise  to  develop  it.  The  DMCA,  when 
used  this  way,  tries  to  protect  the  stupid.  If 
the  aim  actually  had  been  to  protect  the 


WWW. 


music,  the  law  would  have  encouraged 
researchers  to  find  and  report  flawed  pro¬ 
tection  technologies.  Whatever  protection 
the  DMCA  offers  will  be,  at  best,  temporary 
Good  technology  might  be  hard  to  devel¬ 
op  but  hiding  flaws  is  not  the  same  as 
ensuring  there  are  fewer  flaws. 

In  SunnComm's  case  the  stupid  juice 
wore  off  the  next  day  and  the  CEO 
dropped  the  idea  of  calling  out  the 
lawyers,  but  not  before  he  became  a  poster 
child  for  those  who  think  that  putting  on 
blinders  means  the  real  world  goes  away 

Disclaimer:  Harvard  researchers  many 
years  ago  showed  that  long  before  children 
reach  the  age  when  they  can  talk  they  real¬ 
ize  that  hiding  things  does  not  make  the 
things  go  away.  But  I  did  not  talk  to  the 
researchers,  or  the  kids,  about  the  DMCA 
example  of  arrested  development. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


SeeBeyond  improves  application  integration 


■  BY  JAMES  NICCOLAI 

SeeBeyond  Technology  last  week  re¬ 
leased  a  comprehensive  upgrade  to  its 
suite  of  integration  products,  adding  new 
components  that  could  let  customers  more 
easily  build  composite  applications  assem¬ 
bled  from  existing  programs. 

The  SeeBeyond  Integrated  Composite 
Application  Network  (ICAN)  suite  Version 
5.0,  which  the  company  has  called  its  most 
significant  upgrade  in  four  years,  is  certified 
as  compliant  with  Version  1 .3  of  Sun  Java  2 
Platform  Enterprise  Edition  (J2EE).  Among 
other  things,  J2EE  compliance  means  a 
customer  can  deploy  applications  config¬ 
ured  using  ICAN  on  application  servers 
from  other  compliant  vendors, such  as  BEA 
Systems  and  IBM.  It  also  provides  develop¬ 
ers  with  a  more  familiar  and  consistent  run¬ 


Westbridge 

continued  from  page  25 

technology,  parsing  only  certain  informa¬ 
tion  and  caching  things  such  as  security 
credentials  and  formatted  data.  West- 
bridge  also  added  what  it  calls  Auto¬ 
validation,  which  lets  XML  Message  Server 
generate  XML  schemas  from  Web  Services 
Description  Language  files  and  ensures 
each  message  conforms  to  a  particular 
schema  or  format. 

Additionally,  Version  3.0,  which  runs  on 
Linux.  Unix  and  Windows,  features  inte¬ 
gration  with  identity  management  plat¬ 
forms  from  Oblix  and  RSA  Security 

A  new  dynamic  routing  feature  can  alter 
the  routes  of  messages  in  case  of  a  net¬ 
work  failure  or  to  satisfy  the  requirements 
of  a  service-level  agreement. 


time  environment  in  which  to  work,  says 
Alex  Andrianopoulos,  vice  president  of 
product  management  at  SeeBeyond. 

Also  upgraded  is  elnsight  Business 
Process  Manager,  which  includes  graphical 
tools  for  mapping  out  a  business  process. 
Version  5.0  includes  an  implementation  of 
the  proposed  Business  Process  Execution 
Language  standard.  It  also  makes  use  of 
Web  services  technologies  such  as  Web 
Services  Description  Language  and  Simple 
Object  Access  Protocol. 

Version  5.0  also  includes  components  for 
building  composite  applications. These  are 
assembled  by  linking  existing  applications 
that  comprise  a  business  process,  adding 
some  new  business  logic  and  creating  a 
user  interface  for  the  resulting  program. 
EVision  Studio  is  a  new  tool  included  for 
creating  GUIs  for  composite  applications, 


EAP  options  will  narrow 

By  the  middle  of  2004,  only 
one  or  two  versions  of 
Extensible  Authentication 
Protocol  will  be  widely  used 
in  802.1X  wireless  networks, 
creating  a  de  facto  standard. 

SOURCE  META  GROUP 


XML  Message  Server  3.0  supports  multi¬ 
ple  administrators, each  with  their  own  set 
of  access  privileges, and  includes  a  plug-in 
for  Microsoft  Office  that  helps  secure 
access  to  XML  documents  using  the  desk¬ 
top  software. 

The  server  is  expected  to  ship  Nov.  30. 
Pricing  starts  at  $35,000.  ■ 


while  ePortal  composer  acts  as  a  GUI  aggre¬ 
gator  for  personalizing  access. 

Also  new  is  eView  Studio,  which  uses 
probability  matching  to  provide  one  view 
of  an  entity  featured  in  multiple  applica¬ 
tions.  For  example,  a  bank  could  produce  a 
single  view  of  a  customer’s  checking 
account,  savings  account  and  investment 
activities. The  suite  also  adds  eBAM  studio, 
a  tool  for  business  activity  monitoring. 


■  BY  DENI  CONNOR 

CommVault  Systems  last  week  launched 
a  management  tool  and  enhancements  to 
two  software  packages  to  help  users 
archive  and  preserve  their  storage  data. 

CommVault  says  it  hopes  the  new  prod¬ 
ucts  —  which  include  QiNetix  Data- 
Archiver,  QiNetix  Quick  Recovery  5.0  and 
QiNetix  DataMigrator  5.0  —  help  compa¬ 
nies  manage  access  and  storage  across 
multiple  copies  of  data  and  improve  appli¬ 
cation  operational  performance.  This  will 
lower  overall  storage  costs,  it  says. 

DataArchiver  is  a  software  module  for  the 
company’s  QiNetix  data-protection  prod¬ 
uct  suite.  It  archives  Microsoft  Exchange 
e-mail  and  lets  users  perform  cross-mail- 
box  full-content  searches  and  capture  and 
monitor  all  inbound  and  outbound  e-mail. 
Pricing  is  $50  per  month,  per  mailbox. 

The  software  lets  users  retain  email  for 
specified  time  periods  and  access  the 


ICAN  Version  5.0  also  supports  HP’s 
NonStop  high-availability  servers,  Andri¬ 
anopoulos  says. The  suite  components  are 
available  separately  priced  from  $80,000  to 
$200,000,  with  pricing  for  a  typical  configu¬ 
ration  ranging  from  $250,000  to  $500,000, 
he  says. 

Niccolai  is  a  correspondent  with  the  IDG 
News  Service's  San  Francisco  bureau. 


email  when  necessary  Users  can  search 
the  email  archive  for  evidence  discovery 
or  compliance  with  government  requests. 

The  company  also  enhanced  its  quick 
data  recovery  software  by  adding  support 
for  EMC’s  SnapView  2.0  and  Microsoft’s 
Virtual  Shadow  Service. These  products  let 
users  create  point-in-time  recovery  vol¬ 
umes  on  any  magnetic  disk,  allowing  full 
recovery  of  applications  in  minutes, 
instead  of  hours.  Version  5  of  Quick 
Recovery  also  supports  Solaris,  and  Oracle 
servers  running  on  Solaris.  And  now  incre¬ 
mental  updates  are  faster.  QiNetix  Quick 
Recovery  starts  at  $2,500  per  host  being 
recovered. 

CommVault  also  enhanced  its  Data¬ 
Migrator  software,  which  moves  files  to  less 
costly  storage.  Version  5.0  supports  Solaris 
and  Microsoft  Exchange.  In  Exchange,  the 
product  also  supports  Outlook  Web  Access 
and  migration  of  PST  files.  Pricing  starts  at 
about  $50  per  monitored  in-box.  ■ 


CommVault  rolls  out 
data-protection  software 


The  right  management  can  increase 

the  storage  capacity  of  your  existing  infrastructure. 

BrightStor  Storage  Management  Software 

All  the  hardware  in  the  world  can't  solve  increasingly  complex  data  storage  problems.  That's  why  it's  more  important  than  ever  to  have  the  right 
management  software.  With  BrightStor  storage  management  software,  you  can  now  maximize  every  bit  of  your  existing  bytes  so  your 
hardware  can  perform  to  its  full  potential,  rather  than  operate  at  partial  capacity.  In  addition,  you  can  not  only  store  data,  but  actually  access 
it  when  you  need  to  in  order  to  make  smarter  business  decisions.  BrightStor  also  integrates  easily  with  all  of  your  existing  software  and 
hardware  and  is  automated  so  your  employees  can  focus  on  the  business,  not  the  process.  Best  of  all,  better  storage  management  means 
lower  total  cost  of  ownership  and  higher  ROI.  So  you  may  even  need  to  make  more  space  for  revenue  on  your  bottom  line.  To  find  out  how  to 
make  the  most  of  your  IT  storage  environment,  go  to  ca.com/storage.  — 
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Network  Security  Projects, 
Lucent  Worldwide  Services 


We  make  any  service  provider  network 

more  secure. 


Network  Planning 
&  Standards, 
Lucent  Bell  Labs 
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Together,  Lucent  Worldwide  Services  and  Bell  Labs  bring  you  unrivaled  networking  expertise  and  intelligent 
tools  to  help  make  your  network  more  secure.  With  our  Network  Survivability  Assessment  Service,  we  analyzed 
a  global  service  provider's  network  and  quickly  developed  a  security  scorecard  recommending  critical  network 
enhancements  across  eight  security  dimensions.  Then  we  showed  them  how  to  make  the  upgrades  without 
service  disruption.  See  how  we  can  make  your  network  more  productive,  more  reliable,  and  more  secure  than 
it  is  today  at  www.lucent.com/lws. 

Lucent  Technologies 

Networ  ks  that  work  smarter.  Networks  that  work  harder.  Beil  Labs  innovations 


■  WIRELESS  ■  REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


Sprint  beefs  up  SLAs  on  data  services 


■  BY  DENISE  PAPPALARDO 

Sprint  is  streamlining  service-level  agree¬ 
ments  for  its  global  IP  ATM  and  frame  re¬ 
lay  data  services  to  offer  users  more 
choices  and  stronger  guarantees. 

The  carrier  says  it  will  offer  IP  customers 
a  minimum  jitter  guarantee  and  a  full 
month  service  credit  if  it  doesn’t  meet  the 
SLA  for  some  of  its  Layer  2  IP  services. 
Sprint  also  is  offering  data  customers 
three  classes  of  SLAs  they  can  select  as 
they  negotiate  new  contracts  or  renewals. 

“Network  performance  is  very  intangi¬ 
ble  and  confusing.  We ’re  trying  to  simplify 
these  SLAs  and  make  them  more  relevant 
to  customers,”  says  Pete  Parish,  director  of 
product  management  for  Sprint  Business. 

Sprint  announced  its  new  SLA  structure 


■  Infonet  Services  corporate  cus 
tomers  will  be  able  to  access  more 

than  5,000  broadband  wireless 
hot  spots  managed  globally  by 

Boingo  Wireless  under  an  agree¬ 
ment  announced  last  week.  The  part¬ 
nership  extends  the  coverage  of 
Infonet's  wireless  MobileXpress 
service.  Infonet  provides  communica¬ 
tion  services  to  more  than  2.5  million 
users. 

■  Avici  Systems  last  week  unveiled 
software  designed  to  reduce  the  time 
its  routers  take  to  recover  from  a 
network  disruption.  The  software  fea¬ 
ture  is  called  Reliable  Alternate 
Paths  for  Internet  Destinations, 
and  it  is  included  in  Avici's  IPriori 
6.0  routing  code.  RAPID  is  intended 
to  improve  the  convergence  times  of 
networks  built  with  its  Internet 
routers.  RAPID  also  lets  carriers 
offer  higher  margin  “premium"  IP 
services  and  better  support  real-time 
applications  such  as  voice  and  video, 
Avici  says.  The  technology  also  can 
help  carriers  reduce  operational 
costs  by  minimizing  service  disrup¬ 
tions  and  the  associated  customer 
service  and  maintenance  activities, 
the  company  says. 


at  ITU  Telecom  World  2003  in  Geneva 
last  week. 

For  the  first  time  the  carrier  will  offer  IP 
customers  a  guarantee  that  jitter  across  its 
IP  network  will  be  less  than  2  millisec¬ 
onds.  Voice  and  video  applications  are 
particularly  sensitive  to  jitter,  which  can 
cause  serious  quality  degradation  if  la¬ 
tency  is  high. 

While  Sprint  isn’t  the  first  carrier  to 
include  jitter  in  an  SLA,  it’s  one  of  the  first 
to  offer  it  across  all  standard  IP  services. 
Cable  &  Wireless  and  Equant  both  offer  a 
jitter  SLA  with  their  IP  VPN  services,  but 
not  with  their  dedicated  Internet  access 
services. 

Sprint’s  jitter  guarantee  will  be  available 
across  all  of  its  IP  services,  including  its 

See  Sprint,  page  32 


Sprint  SLA  lineup 

Sprint  is  offering  three  levels  of  SLAs  to  IP,  frame  relay  and  ATM  customers. 
Here  is  the  base  guarantee. 


SLA 

Network 

availability 

Latency 

Packet  loss 

Jitter 

Standard  SLA 
Dedicated  IP 

100%*  or  99.9% 

Less  than  55 
millisec 

Less  than  .3% 

Less  than  2 
millisec 

Standard  SLA 
for  frame  relay 

99.9% 

Less  than  100 
millisec 

Less  than  .1%** 

n/a 

Standard  SLA 
for  ATM 

99.9% 

Less  than  100 
millisec 

Less  than  .01% 
up  to  1%*** 

n/a 

‘If  on  Sprint’s  Broadband  metropolitan-area  network. 

“For  permanent  virtual  circuits  with  committed  information  rates. 
“’Depending  on  dedicated  bit  rate. 


Start-up  offers  SSL  remote  access 


■  BY  TIM  GREENE 

Positive  Networks  is  trying  to  jump  into 
the  Secure  Sockets  Layer  remote-access 
market  with  a  service  that  enables  safe 
Internet  connections  to  corporate  net¬ 
works  from  virtually  any  remote  comput¬ 
er,  whether  it  is  company-issued,  employ¬ 
ee-owned  or  borrowed. 

The  two-year-old  start-up  that  is  based  in 
Kansas  City,  Kans.,  calls  its  service 
PositivePRO  VPN,  which  is  designed  to 
compete  with  traditional  IP  Security 
remote-access  VPNs  and  SSL  remote- 
access  networks. 

Positive  says  it  is  trying  to  make  it  easy  to 
give  businesses  remote-access  options.  If 
the  remote  computer  is  borrowed,  the 
PositivePRO  connection  is  made  using  the 
SSL  capabilities  in  the  PC’s  browser, 
restricting  access  to  Web-based  applica¬ 
tions.  If  the  computer  is  owned  by  an 
employee  or  by  the  company,  users  can 
increase  connection  features  by  down¬ 
loading  a  software  agent. 

The  agent  can  reconfigure  the  remote 
machine  so  it  meets  corporate  security 
policies.  So  if  a  computer  doesn’t  have  the 
correct  firewall  settings  and  had  its  anti¬ 
virus  software  turned  off,  for  example, 
Positive’s  agent  could  correct  the  settings 
and  turn  on  the  virus  scanning.  It  also  can 
check  for  registry  settings  and  appropriate 
operating-system  patches.  Once  the  ses¬ 
sion  is  over,  the  agent  returns  the  comput¬ 


■ 

PROFILE:  POSITIVE  NETWORKS 

Location:  Kansas  City,  Kans. 

Founded:  May  2001 

Founders:  Tim  Sutton,  CEO;  Steve 
Dispensa,  CTO. 

Service:  PositivePRO  remote  access. 

Financing:  Digital  CoastVentures,  $1.5 
million;  private  investors,  $1.9  million. 

Competitor:  Aventail,  OpenReach, 
SSL  remote-access  appliance  vendors. 

Employees:  20 

Fast  fact:  Most  of  the  executive  team 
worked  for  Sprint. 

er  to  its  original  configuration. 

With  the  agent  installed  on  desktops  at 
corporate  sites  and  on  remote  machines, 
remote  users  can  take  direct  control  of 
these  machines,  giving  users  the  exact 
network  capabilities  they  have  when  they 
are  in  the  office.  They  also  can  access  to 
files  stored  only  locally  on  those  desktops. 

Positive  says  it  wrote  all  its  own  software 
with  the  idea  of  making  it  simple  to  set  up 
and  manage  remote  access.  That  is  what 
attracted  Liz  Patterson,  IT  manager  for 
Amperion,an  Andover,  Mass.,  start-up  that 
makes  data-over-powerline  gear.  She  had 
been  using  SonicWall  IP  Security  VPN 
gear  for  remote  access,  but  setting  up  con¬ 


nections  over  certain  ISP  networks  proved 
difficult  or  impossible. 

Using  Positive’s  management  platform, 
Patterson  sets  policies  and  authorizes 
users.  Amperion  software  developers  use 
the  service  to  upload  work  to  servers,  and 
she  has  used  it  to  access  her  corporate 
e-mail  from  her  home  computer.  The 
PositivePRO  agent  reconfigures  the  com¬ 
puter  to  meet  Amperion  policies,  and 
returns  it  to  its  former  configuration  when 
the  session  is  over. 

She  considered  using  remote-access  ser¬ 
vice  provider  OpenReach,  but  each  site 
required  an  OpenReach  server.  Fbsitive 
requires  each  site  to  have  a  device  that 
can  terminate  an  IPSec  tunnel,  but  she 
already  had  those  in  the  SonicWall  gear. 

Fbsitive  uses  an  IPSec  tunnel  between 
each  corporate  site  and  its  point  of  pres¬ 
ence.  Remote  users  create  SSL  tunnels  to 
the  Fbsitive  POP  and  the  SSL  tunnels  are 
spliced  to  the  IPSec  tunnels  to  complete 
the  connection. 

Rather  than  buying  a  remote-access  ser¬ 
vice,  customers  can  set  up  their  own  SSL 
remote  access  with  appliances  that  proxy 
between  remote  computers  and  servers 
behind  the  corporate  firewall.  Vendors 
such  as  Neoteris,  Netilla,  Nortel  and  Whale 
Communications  among  others  make 
these  devices.  Aventail  provides  an  SSL- 
based  remote-access  service. 

FbsitivePRO  costs  about  $20  per  user  per 
month.  ■ 


www.nwfusion.com  [ 
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Service  Providers 


EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


Sometimes  the  best  advice  comes 
from  unlikely  places.  California  gov¬ 
ernor-elect  Arnold  Schwarzenegger 
used  as  a  campaign  theme  the  song 
“We're  Not  Gonna  Take  It”  from  the  '80s 
rock  group  Twisted  Sister. 

Embarrassing  confession  time:  As  a  for¬ 
mer  Twisted  Sister  fan,  I’ve  been  known  to 
belt  out  the  song  in  private  moments.  But 
for  those  of  you  who  don’t  remember  (or 
have  better  musical  taste),  the  song 
includes  the  lyrics,  “We’ve  got  the  right  to 
choose  and  there  ain’t  no  way  we’ll  lose  it 
. ...  We  ain’t  gonna  take  it  anymore.” 


Teaching  service  providers  to  offer  choices 


The  lines  evidently  worked  for  Arnold. 
They’re  also  tailor-made  for  network  exec¬ 
utives  looking  for  choice  from  their  telco 
providers. 

Unfortunately,  getting  the  telcos  to  offer 
choices  can  be  challenging,  as  a  reader 
recently  pointed  out  in  a  response  to  a  col¬ 
umn  about  disaster  recovery:  “The  sugges¬ 
tions  that  you  give  in  your  column  are 
great,  but  useless  unless  you  answer  the  fol¬ 
lowing  question:  How  do  you  get  the  carri¬ 
ers  to  share  their  plans  for  circuit  routing 
and  disaster  recovery?” 

The  question  begs  a  broader  one:  How 
do  you  get  the  telcos  to  do  anything?  From 
a  telecom  manager’s  perspective,  it  often 
feels  as  though  the  options  are  to  accept 
what’s  offered  or  do  without. 

Here  are  some  steps  to  take  when  negoti¬ 
ating  with  telecom  providers  to  maximize 
your  choice: 


First,  remember  that  you  have  greatest 
leverage  at  the  time  when  you’re  renewing 
your  contract. So  bring  up  issues  —  such  as 
your  requirement  for  seeing  circuit  routes 
and  disaster-recovery  plans  —  at  that  point. 
Make  clear  that  your  business  depends  on 
their  willingness  to  deliver.  Also,  ask  your 
own  users  for  other  issues  that  matter  to 
them. Then  be  prepared  to  put  them  all  on 
the  table  when  negotiating. 

Second, your  biggest  negotiating  weapon 
is  a  willingness  to  walk  away  from  an  exist¬ 
ing  provider  if  it  doesn’t  comply  I’ve  often 
worked  with  IT  executives  who  aren’t  will¬ 
ing  to  leave.  Many  times  this  is  because  of 
“directions  from  above”:  Their  CIOs  or 
CEOs  play  golf  with  senior  telco  executives 
or  view  the  telecom  relationship  as  a  strate¬ 
gic  partnership. 

Advise  your  bosses  that  if  they  want  you 
to  bring  the  best  deal  to  the  table,  what  you 


need  from  them  is  100%  support  for  poten¬ 
tially  changing  carriers.  If  they  aren’t  willing 
to  back  you,  the  negotiations  will  be  far  less 
effective. 

Finally  once  you’ve  lined  up  your  bosses’ 
support  and  collected  a  list  of  requests 
from  your  users,  do  your  homework. There 
are  plenty  of  competitive  providers,  partic¬ 
ularly  when  it  comes  to  local  services. 
Investigate  all  the  possibilities  —  and  let 
them  know  they  need  to  meet  your  needs 
to  win  your  business. 

And  as  for  the  folks  who  won’t?  Share 
with  them  the  immortal  words  of  Twisted 
Sister’s  Dee  Snider,“If  that’s  your  best,  your 
best  won’t  do.” 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Nortel  converges  metro  nets 


Follow  the  leader 

Many  vendors  are  chasing  Nortel  in  the  optical  market, 
which  provide  metropolitan  DWDM. 

2002  worldwide  metro  DWDM  market  revenue:  $441.8  million 

Tellabs  Other 
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■  JIM  DUFFY 

Nortel  last  week  unveiled  an 
optical  edge  platform  designed  to 
let  service  providers  aggregate 
traffic  from  multiple  service  offer¬ 
ings  with  one  device  instead  of 
several. 

Nortel’s  Optical  Multiservice 
Edge  6500  converges  many  net¬ 
works  and  services  onto  one  plat¬ 
form.  Typically  multiple  devices, 
such  as  SONET  add/drop  multi¬ 
plexers,  cross-connects,  and 
dense  wavelength  division  multi¬ 
plexers  (DWDM)  would  be  re¬ 
quired  to  aggregate  services  such 
as  optical  Ethernet,  storage  and 
other  optical  broadband  services. 

The  6500  sits  between  the  cen¬ 
tral  office  and  edge  of  the  net¬ 
work,  providing  the  conduit  be¬ 
tween  the  access  and  core  layers 
of  the  metropolitan  network.  It  is  a 
1  /4-rack  chassis  with  16  slots  for 
switch  fabric,  controller  and  I/O 
cards.  Line  cards  for  the  system 
include  single-port  OC-192,  dual¬ 
port  OC-48,  eight-port  OC-3/12  and 
four-port  Gigabit  Ethernet/Fibre- 
Channel.The  system  also  supports 
T-l/E-1  private-line  services. 

The  6500’s  switch  matrices 
include  80G  bit/sec  VT1.5  and 
80G-to  1 60G  bit/sec  STS-1. The  sys¬ 
tem  supports  Generic  Framing 
Procedure  (GFP)  virtual  concate¬ 
nation  for  efficiently  packing  traf¬ 
fic  —  such  as  Ethernet  —  onto 
SONFr  pipes  and  grooms  traffic 
to  VI' 1.5  and  STS-1  increments, 

The  system  also  will  groom 
Ethernet  traffic  in  sub-lOM  bit/sec 
increments,  Nortel  says. 

The  6500  supports  32  to  64 


DWDM  wavelengths,  and  eight 
coarse  WDM  (CWDM)  channels.lt 
combines  the  functions  of  Nortel’s 
OPTera  Metro  5200,5100  and  3500 
platforms  for  service  providers 
that  want  to  offer  and  aggregate 
managed  Ethernet,  storage,  wave¬ 
length  and  TDM  services  provi¬ 
sioned  by  those  systems. 

“Nortel’s  starting  to  try  to  con¬ 
verge  multiple  network  elements 
into  a  single  element”  to  address 
carrier  requirements  for  reduced 
equipment  power,  footprint  and 
management,  says  Pat  Mathews, 
an  analyst  at  The  Yankee  Group. 
“They’re  close  to  the  fine  line 
between  a  god  box  [an  all-in-one 
product]  and  a  multiservice  pro¬ 
visioning  platform.” 


Perhaps  the  only  feature  missing 
from  the  6500  is  Layer  3  routing, 
Mathews  says. 

The  6500  will  compete  against 
Cisco’s  ONS  15454  multiservice 
provisioning  platform  and  EC1 
Telecom’s  XDM  platform,  Math¬ 
ews  says. 

in  addition  to  RPR,  Nortel  next 
year  plans  to  add  an  eight-port 
Gigabit  Ethernet  card  to  the  6500, 
which  will  boost  per-chassis  port 
density  from  48  to  96.The  compa¬ 
ny  also  plans  to  unveil  a  10/100M 
bit/sec  Ethernet  switching  card 
for  the  system,  which  will  feature 
per-chassis  port  densities  of  96 
protected  and  192  unprotected. 

Nortel  did  not  provide  pricing 
for  the  6500.  ■ 


Sprint 

continued  from  page  31 

Private  Packet  Line,  SprintLink 
Frame  Relay  and  SprintLink 
Multi-protocol  Label  Switching 
VPN,  as  well  as  its  regular,  dedi¬ 
cated  Internet  access  offer. 

Sprint  also  plans  to  offer 
SprintLink  customers  a  better 
credit  if  the  carrier  does  not 
meet  any  portion  of  its  SLA. 
Parish  says  the  carrier  will 
credit  customers  their  monthly 
service  fee  if  it  misses  any 
metric. 

Carriers  typically  offer  a  credit 
of  3%  to  10%  of  a  monthly  ser¬ 
vice  fee  if  network  performance 
falls  below  SLA  metrics. 

The  service  provider  also  has 
streamlined  all  of  its  data  ser¬ 
vice  SLAs  to  fit  into  three  cate¬ 
gories:  network  node-to-node, 
end-to-end  and  managed  SLA 
classes. 

Network  node-to-node  SLAs 
are  the  carrier’s  baseline  perfor¬ 
mance  guarantees  for  all  data 
services  around  the  world. 

The  end-to-end  SLA  includes  a 
customer’s  local  access,  but  it 
also  requires  a  user  to  purchase 
a  DSU/CSU  device  from  Para¬ 
dyne  or  Visual  Networks  to  mon¬ 
itor  each  end  of  the  connection. 

“It’s  absolutely  essential  for 
providers. . .  to  incorporate  local 
access  into  their  availability, 
latency  and  packet-loss  SLAs," 
says  Lisa  Pierce,  analyst  at  Giga 
Information  Group. 

Network  performance  that  only 
covers  a  carrier’s  core  network  is 
not  very  useful  to  most  enter¬ 
prise  business  users.  Pierce  says. 
Sprint  would  not  offer  any  exam¬ 
ples  of  what  their  end-to-end  SLA 
would  look  like  other  than  to  say 


the  guarantee  will  cover  packet 
loss  and  latency  The  carrier  says 
this  guarantee  will  vary  depend¬ 
ing  on  customer  configuration. 

Sprint’s  managed  SLA  guaran¬ 
tees  that  change  requests  will 
be  fulfilled  within  24  hours; 
customer-premises  gear  will  be 
installed  within  an  agreed- 
upon  time  frame;  and  a  mean 
time  to  repair  of  less  than  four 
hours  in  most  cases.  These 
guarantees  are  in  addition  to 
the  standard  performance  met¬ 
rics  spelled  out  in  the  network 
node-to-node  SLA. 

The  carrier’s  SLAs  also  differ 
based  on  region.  Sprint’s  eight 
regions  include  Canada/U.S., 
Mexico,  Western  Europe,  Eastern 
Europe,  Asia,  Australia/New  Zea¬ 
land,  South'  America  and  the 
Middle  East/Africa. 

New  customers  will  be  able  to 
choose  the  type  of  SLA  they 
want, and  existing  customers  will 
have  to  renegotiate  their  contract 
to  take  advantage  of  any  of  the 
carrier’s  new  performance  guar¬ 
antees  or  credits. 

The  carrier’s  new  SLA  metrics 
and  credits  are  expected  to  be 
available  by  year-end.  ■ 
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Are  you  getting  the  most  out  of  your 
local-area  network?  We  ll  show  you  how  at 
Network  World's  LANs 
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PDU  with 
System  Bypass 
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design  with 
configure-to-order 
multi-branch  whips 
to  speed  installation. 
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InfraStruXure  Architecture 


Traditional  data  centers  are 

built  out  for  future  capacity  and 
require  a  large  amount  of  floor 
space  that  could  be  otherwise 
utilized.  High  power  density  racks 
create  dangerous  hot  spots. 


InfraStruXure"  lets  you  build  out 
capacity  only  as  it’s  required.  Save  up 
to  50%  CapEx  and  20%  OpEx*,  and 
reclaim  an  average  of  20%  usable 
space.  InfraStruXure  AIR  delivers 
cooling  directly  where  it  is  needed, 
eliminating  dangerous  hot  spots. 


InfraStruXure™  is  the  industry's  only  patent-pending, 
on-demand,  network-critical  physical  infrastructure  (NCPI). 

Build  out  capacity  only  as  it's  required  with  InfraStruXure's 
open,  adaptable  and  integrated  approach.  Select  standard¬ 
ized  components  to  create  your  own  customized  solution. 

Finally,  you  can  target  availability,  pay  as  you  grow,  adapt 
to  change  and  maximize  efficiency  while  minimizing 
installation,  operating,  service  and  maintenance  costs. 

To  find  out  more  visit  us  online  at  www.apc.com,  or  see 
below  to  get  your  free  InfraStruXure  brochure  and  white 
paper  today. 

"Representative  savings  based  on  projected  power  infrastructure  built-out  costs 
and  estimated  service  cost  per  unit.  Actual  savings  may  vary. 
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no  raised  floor  needed. 


[cool  air] 


If  they  come,  you  will  build  it. 


34 

NetworkWorld 

10/20/03 

Service  Providers 

www.nwfusion.com 

SSPs  ratcheting  up  their  anti-spam  efforts 


■  BY  CARA  GARRETSON 

As  the  spam  epidemic  continues  to  worsen,  ISPs  are 
taking  on  a  more  leading  role  in  trying  to  stop 
unwanted  e-mail  from  reaching  corporate  networks 
and  consumer  in-boxes. 

Although  a  few  ISPs  have  offered  anti-spam  services  for 
years,  many  are  just  starting  to  roll  out  their  offerings. 
These  anti-spam  services  range  from  server  filters  that 
ISPs  use  to  capture  spam  intended  for  their  customers,  to 
managed  services  that  those  providing  e-mail  hosting 
have  added  to  their  lineups. 

“Because  ISPs  can  capture  traffic  at  the  aggregation 
points  and  cleanse  the  traffic  prior  to  it  being  sent  on  to 
the  customer.it  makes  more  efficient  use  of  their  net¬ 
work"  to  use  anti-spam  filters, says  Michael  Suby  a  senior 
research  analyst  at  Stratecast.“In  some  regards  it’s  self- 
serving,  but  in  a  good  way  On  the  inbound  they’re  catch¬ 
ing  traffic  they  don’t  have  to  pass  through  ...  so  they’re 
reducing  their  network  requirements  and  also  serving 
their  customers.” 

Yet,  like  any  other  anti-spam  technology,  the  filters  and 
techniques  that  ISPs  offer  are  not  a  cure-all. 

“We  don’t  guarantee  that  it  blocks  spam  100%;  our 
lawyers  won’t  let  us  say  that,”  says  Matt  Bobb,  vice  pres¬ 
ident  of  product  development  and  core  services  with 
EarthLink,  about  the  ISP’s  new  SpamBlocker  service. 


The  costs  keep  going  up 

Numbers  show  the  effect  of  spam  on  on  the 

average  company. 

•  Spam  costs  the  average  corporation  $49  per  user 
each  year;  a  company  with  10,000  in-boxes  is  out 
almost  half  a  million  dollars. 

•  Today,  if  that  company  is  running  21  Microsoft 
Exchange  2000  servers,  five  will  do  nothing  but 
process  spam. 

•  By  2007,  that  number  will  jump  to  25  servers 
processing  spam,  out  of  50  total  servers,  if  more 
isn’t  done  to  block  unwanted  messages. 

SOURCE- THC  «.AO»CATl  GROUP 


“But  1  have  not  received  one  piece  of  spam  since  I 
started  using  it." 

SpamBlocker  is  a  challenge-response  system  that  forces 
an  e-mail  sender  who  is  not  listed  in  a  recipient’s  address 
book  to  demonstrate  that  the  sender  is  not  an  automated 
spam  program  by  answering  a  simple  question  before 
getting  the  recipient’s  permission  to  send  an  e-mail. 

About  five  months  ago  EarthLink  began  offering 
SpamBlocker,  a  free,  homegrown  service,  in  addition  to 
Brightmail’s  antivirus  software  for  ISPs,  which  runs  on  its 
servers  as  an  extra  layer  of  protection,  Bobb  says. 
Brightmail  captures  70%  to  80%  of  the  spam  coming  into 
EarthLink's  network.“it  was  fine  up  until  a  year  ago,  when 
the  spam  epidemic  exploded. Then  we  said  we  really 


need  to  step  up  the  level  of  protection,  since  we  were 
hearing  from  our  customers  that  [spam]  was  getting  in 
the  way  of  their  productivity  Plus  it’s  annoying,”  Bobb  says. 

While  EarthLink’s  customers  are  primarily  consumers, 
companies  are  looking  to  ISPs  to  take  spam  detection  off 
their  hands.  Companies  offering  e-mail  hosting  services, 
such  as  Sprint  and  Cable  &  Wireless,  in  the  past  year  have 
added  anti-spam  filters  to  block  unwanted  email  before 
it  reaches  their  customers’  networks. 

Employees  atTri-Chem  in  Madison  Heights,  Mich.,  a 
manufacturer  of  industrial  cleaners  and  related  products, 
were  so  frustrated  with  the  spam  flooding  their  in-boxes 
that  management  considered  tearing  out  all  the  comput¬ 
ers  in  the  organization  and  returning  to  paper-based  sys¬ 
tems, says  CEO  David  Chernow.  Instead,  the  company 
enlisted  Sprint’s  E-mail  Protection  Services  to  block  spam 
before  e-mail  flows  intoTri-Chem’s  network.The  $2  to  $4 
per  user,  per  month,  cost  of  Sprint’s  service,  which 
includes  antivirus  protection  and  other  messaging 
options,  is  made  up  in  regained  productivity  for  the  100- 
person  workforce,  Chernow  says. 

“If  you  think  about  the  time  and  energy  you  spend 
[deleting  spam]  every  day  and  the  drain  on  the  servers, 
we  see  that  getting  an  anti-spam  service  has  really  cut 
down  a  lot  on  costs,”  he  said. 

Sprint  turns  to  partner 

For  this  offering,  Sprint  partnered  with  anti-spam  ser¬ 
vice  vendor  FrontBridge  Technologies,  which  collocates 
switches  in  the  ISP’s  network,  says  Stacy  Meadows, 
group  manager  of  managed  IP  security  services  prod¬ 
uct  management  with  Sprint. The  service  uses  heuris¬ 
tics,  blacklists,  fingerprinting,  rules-based  scoring  and 
other  methods  to  detect  spam.  It  also  includes  Web 
reporting  tools  for  view  statistics,  such  as  how  many 
spams  were  received  and  who  in  the  organization 
received  the  most  spam,  and  a  quarantine  area  where 
the  customer’s  network  administrator  can  review  e-mail 
that  the  service  considered  to  be  spam. 

“The  key  advantage  is  we  are  taking  all  of  this 
[unwanted  e-mail]  outside  the  customer’s  network, so 
it’s  never  reaching  the  network  or  burning  resources,” 
Meadows  says. 

While  having  an  ISP  take  over  a  company’s  spam 
headache  and  its  e-mail  might  seem  like  an  elegant 
solution, some  experts  warn  that  these  services  don’t 
offer  customers  as  much  control  over  how  spam  is 
managed  as  in-house  anti-spam  filters  might. 

“If  I  were  a  business,  I  don’t  think  I’d  want  my  ISP  fil¬ 
tering  my  mail  for  me;  1  need  to  have  control  of  every¬ 
thing,  and  I  want  the  spam  so  1  can  see  the  false  posi¬ 
tives,”  says  Matt  Cain,  an  analyst  with  Meta  Group. 

And  even  though  many  ISPs,  like  Sprint,  offer  spam 
management  tools,  they’re  rarely  customizable  down 
to  the  end-user  level,  Cain  adds.That  means  users 
can’t  always,  say,  check  quarantine  in-boxes  or  add  to 
white-  or  blacklists.  Instead,  that  burden  is  given  to  an 
administrator. 

C&W  partnered  with  another  U.K.  company, 
MessageLabs,  to  offer  spam  and  virus  protection  to  cus- 


*  *lf  you  think  about  the  time  and 
energy  you  spend  [deleting  spam] 
every  day  and  the  drain  on  the 
servers,  we  see  that  getting  an 
anti-spam  service  has  really  cut 
down  a  lot  on  costs.  ** 

David  Chernow 

CEO.Tri-Chem 

tomers  that  use  its  hosted  services.  While  this  service  does 
not  give  a  company’s  end  users  much  control  either, 
MessageLabs  is  working  to  add  those  tools  to  the  offering, 
says  Robert  Hansen,  C&W’s  product  manager  of  managed 
security  services. 

C&W  began  offering  spam  protection  about  six  months 
ago  in  the  U.S.  and  views  it  as  a  necessary  component  of 
its  hosting  service. 

“ISPs  have  to  [offer  anti-spam] .  If  they  don’t  do  it  they’re 
behind  the  times,"  Hansen  says.“Customers  need  [spam 
protection]  so  badly  that  they’re  willing  to  go”  to  other 
vendors  if  their  ISP  doesn’t  offer  it,  he  says. 

Don't  expect  miracles 

With  most  ISPs  offering  some  form  of  spam  protec¬ 
tion,  it  might  seem  that  in-boxes  today  should  be  virtu¬ 
ally  spam-free,  because  all  e-mail  that  travels  across  the 
Internet  must  traverse  an  ISP’s  network  at  the  sender 
and  recipient  ends.  But  could  ISPs  become  designated 
spam  guards  and  hold  unwanted  e-mail  at  the  edges  of 
their  networks  until  their  users  clear  it? 

Unfortunately  not,  these  vendors  say.  As  long  as  spam¬ 
mers  continue  to  find  ways  around  spam  filters  and 
techniques,  unwanted  e-mail  will  slip  through  even  the 
most-rigorous  detection  technology. 

“Spammers  are  very  clever.  It’s  an  interesting  battle. 
When  we  filter  out  words  at  [an  e-mail  message’s] 
header,  such  as  ‘girls,’  they  change  the  spelling  to  ‘girlz,’” 
says  Ceil  Hall,  product  development  director  for  AT&T’s 
Worldnet  consumer  ISP  service.  Worldnet  has  offered 
spam  protection  via  Brightmail’s  anti-spam  software  for 
ISPs  since  1999. “It  could  be  a  lot  worse"  if  ISPs  were 
doing  nothing  to  block  spam, she  says. 

And  while  ISPs  have  the  right  to  filter  all  spam  coming 
into  their  networks  bound  for  their  customers,  as  long 
as  they  state  so  in  their  terms  and  conditions,  few  are 
prepared  to  take  on  the  role  of  judging  what  their  cus¬ 
tomers  deem  spam  and  what  is  wanted  e-mail. 

“It’s  way  too  huge  of  a  burden”  for  ISPs  to  make  those 
judgment  calls, says  Stewart  Baker,  general  counsel  for 
the  U.S.  Internet  Service  Provider  Association. “ISPs  can 
block  some  stuff  that’s  obviously  spam,  but  there’s  a  lot 
of  [unwanted  mail]  that  gets  through.  If  ISPs  want  to  fil¬ 
ter  more  aggressively,  they’re  running  a  bigger  and  big¬ 
ger  risk  that  they’ll  lose  mail  that  people  want "  ■ 


For  the  12th  time  in  13  years,  Dell  has  earned  an  A  or  A+  for  service  and  reliability  while  the  second  closest  major  competitor  scored  only  a  C+. 
Dell's"  OptiPlex  desktop  delivers  what  today's  business  needs:  the  stability,  reliability  and  manageability  that  helps  lower  TCO.  The  OptiPlex  mainstream 
line  of  desktops  feature  Intel®  Pentium®  4  Processors  with  HT  technology.  With  that  you  get  an  integrated  Gigabit  network  connection  as  well  as  Dell's 
expert  service  and  reliability.  All  in  all,  the  OptiPlex  gives  you  the  best  value  for  upgrading  your  corporate  PC  environment.  Find  out  how  the  Dell  OptiPlex 
can  be  part  of  a  total  managed  services  solution  for  your  corporate  business  team.  Call  1-877-432-DELL  or  visit  www.dell.com/bizpc  today. 


SMALL  SIZE  without  COMPROMISE 

Dell  OptiPlex 

HP  Compaq  d530 

SX270 

Ultra-slim 

Chassis  size 

5.1  Liters 

7.3  liters 

Chassis  weight 

8  lbs. 

15.4  lbs. 

Best  in  class  corporate  desktops.  Easy  as 


MU 


Click  www.dell.com/bizpc  Call  1-877-432-DELL 

toll  free 


Dell,  the  Dell  logo  and  OptiPlex  are  trademarks  of  Dell  Inc  Intel,  the  Intel  Inside  logo  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries 
©2003  Dell  Inc  All  rights  reserved. 


Guglielmo  Marconi  did  RF  well. 

But,  in  Wireless  LAN  Systems,  no  one  does  RF  as  well  as  Airespace. 


Airespace  believes  it's  essential  for  a  Wireless  LAN  system  to 
dynamically  monitor  for  noise,  interference,  and  rogues  -  without 
extra  access  points  being  required.  The  missing  piece  for 
Wireless  LAN  performance  is  the  ability  to  change,  to  adapt 
dynamically  to  the  wireless  environment  -  and  to  do  it  without 
hiring  a  lot  of  RF  engineers  into  your  enterprise. 

With  an  Airespace  Wireless  LAN  System,  the  network  remains  in 
service  without  any  noticeable  performance  degradation,  even 
when  dynamic  power  control,  channel  assignment  and  load 
balancing  are  keeping  your  network  optimized.  So  there  are  no 
network  outages  when  you  are  placing  a  phone  call  across  an 
Airespace  network.  Ever. 


And  Airespace's  network  management  system  provides  a  total 
view  of  the  entire  RF-domain  allowing  you  to  generate  reports, 
view  and  monitor  real  events,  and  manage  your  entire  Wireless 
LAN  network.  We  can  also  detect  RF  attacks  on  your  network 
and  "blacklist"  questionable  users. 

With  Airespace,  the  RF  engineer  comes  in  the  system. 

Find  out  more  about  Airespace's  Wireless  LAN  Systems  RF  capa¬ 
bilities  by  logging  on  to  our  web  site,  www.airespace.com/RF 
because  no  one  does  RF  like  Airespace. 


(airespace 

The  Standard  for^Wireless  LANs 


www.airespace.com 
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■  Nurturing  a  culture 
of  continuity. 

■  Teaming  on  incident 
response. 

Understanding  the 
information  life  cycle. 

Doing  disaster  recovery 
at  a  distance. 
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Once  again,  data  is  undergoing  radical  changes.  But  this  time,  it’s  not  only  about  what  gets 
created,  it’s  where  and  how  it  is  protected.  Whether  it’s  an  individual,  workgroup,  department 
or  enterprise,  you  can  back  up  every  last  digital  bit  on  Snap  storage  and  file  server  solutions. 
Easy  to  implement,  easy  to  install  and  easy  to  manage.  In  fact,  one  out  of  every  two  Network 
Attached  Storage  installations  in  the  world  and  over  half  of  the  Fortune  500  rely  on  Snap 
servers  to  protect  their  critical  information.  1-888-343-SNAP.  www.snapappliance.com 


TH5  bTEvE  HABER  HhD 
5  TAKEN  FROM  HIM. 


It  could  have  been  a  tragic  story. 

Fortunately,  Steve’s  critical  financial  data  was  backed  up  by 
a  Network  Attached  Storage  solution  from  Snap  Appliance. 


Giving  it  roots 


Even-body  knows  that  bad  things  can  happen  to  good  systems.  Subjected  to 
a  natural  disaster  or  man-made  calamity,  a  network  can  crash,  a  data  center 
can  go  offline.a  call  center  can  go  silent.  And  business  applications  —  that  is. 
business  itself  —  can  freeze  in  midstream. 

We  don't  need  another  insidious  computer  virus  or  record-breaking  power 
outage  to  remind  us  of  that.  What  we  need  to  do  is  break  the  pattern:  With 
every  new  computer  virus, terrorist  threat,  natural  disaster  or  calamity;  business 
continuity  becomes  the  talk  du  jour.  But  the  seriousness  of  the  discussion 
dwindles  as  memory'  of  the  big  event  fades.  Business  continuity'  has  got  to 
become  more  than  talk,  and  the  onus  is  on  IT  to  make  that  so. 

If  you  haven’t  already,  now  is  the  time  to  convince  upper  management  how 
critical  a  comprehensive,  actionable  plan  is  —  one  that  spells  out  what  to  do 


Nurturing  a  culture 
of  continuity 


when  that  next  something  bad  strikes.  Part  of  the  challenge  will  be  making 
sure  business  executives  understand  what  type  of  information  may  not  be 
retrievable  and  the  risks  the  company  takes  if  it  doesn't  create  such  a  plan. 

Even  with  federal  regulations  mandating  recovery  times  of  critical  data  within 
certain  industries  (four  hours  in  the  financial  sector,  per  the  US. Securities  and 
Exchange  Commission,  for  example)  some  business  leaders  might  not  have  a 
sense  of  their  company’s  abilities  to  meet  legal  requirements  should  disaster 
strike.  An  EMC/RoperASW  survey  of  274  US.  executives  released  this  summer 
showed  a  disturbing  disconnect  between  the  perceptions  of  corporate  and  IT 
leadership  on  businesscontinuity  preparedness  and  data  vulnerability: 

Survey  results  show  that  just  14%  of  business  leaders  feel  that  corporate  data 
is  “extremely  vulnerable." compared  with  52%  of  IT  executives  at  the  same  size 
organizations.  More  telling,  in  terms  of  regulatory-  compliance,  is  the  disparity- 
over  the  question  of  recoverability. While  only  9%  of  business  executives  say 
their  companies  would  need  three  or  more  days  to  resume  normal  business 
operations, 23%  of  IT  leaders  say  recovery  would  stretch  beyond  a  week. 

At  companies  doing  business  continuity  correctly, 
such  gaps  in  perception  don't  exist.  Business  execu¬ 
tives  from  the  CEO  down,  including  technology  lead¬ 
ers,  understand  the  importance  of  business  continu¬ 
ity  and  have  embraced  the  policies  and  technology 
investments  needed  to  keep  the  data  flowing. 

And  the  knowledge  shouldn’t  stop  at  the  highest 
corporate  levels,  either.  In  the  most-prepared  compa¬ 
nies,  all  employees  know  the  importance  of  business 
continuity,  and  feel  vested  in  making  sure  data  stays 
safe. That's  a  needed  comfort  in  todays  crazy'  world. 

—  Beth  Schultz 
Editor,  Signature  Series 
bschultz@nww.com 
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Putting  continuity 
on  the  wings  of  ILM 


yf  0  Incident  response 
"  teams  gain  allure 


No  business-con 
complete  without  a  comp 
SWflT  team  to  protect  systems 
from  a  multitude  of  disruptions. 
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Going  the  distance  for 
business  continuity 
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Nurturing  a 

BY  JOANNE  CUMMINGS 


culture 


of  continui 


Great 
business  conti¬ 
nuity  plans  need 
the  help  of  everyone 
in  the  company, 
not just  IT 


If  you  find  yourself  constantly  asking  upper 


Such  a  culture  ensures  that  continuity  plans  work  for 

- -  the  entire  business,  not  just  the  technology,  although  that 

management  to  devote  more  resources  to  is  crucial.  Evergreen  Investments  built  such  a  culture, 

says  Mitch  Hodus,  vice  president  of  technology  opera¬ 
tion 


business  continuity  then  your  company 
needs  a  cultural  makeover.  Todays  best- 
prepared  organizations  have  constructed  a 
culture  of  continuity  one  that  results  from 
every  business  unit  taking  ownership  of 
business-continuity  planning,  budgeting 
and  strategy  leaving  IT  to  do  what  it  knows 
best  —  operations  and  logistics. 


tiorts  at  the  Boston  financial  services  firm. 

“The  old  technical  business-continuity  plan  said  that 
we  would  restore  everything  from  tape  backups,  which 
was  fine  and  cheap,”  Hodus  says.  “But  even  if  all  the 
equipment  was  at  the  disaster-recovery  site  —  which  it 
wasn’t  —  if  we  started  loading  from  tape  5  minutes  after 
the  disaster.it  would  take  us  an  entire  week  to  get  all  the 
systems  up.” 

U.S. Securities  and  Exchange  Commission  (SEC)  guide¬ 
lines  say  firms  like  Evergreen  need  to  have  critical  sys¬ 
tems  up  ancbrunning  within  four  hours  of  a  disaster. “So 
our  exposure  became  readily  apparent.  And  we  all 


worked  to  get  the  plan  to  be  more  business-driven,” 
he  says. 

A  management  must-have 

As  with  any  company-wide  initiative,  the  first  step  to 
constructing  a  continuity  culture  is  getting  top  manage¬ 
ment  to  sponsor  the  change.  For  some  companies,  the 
impetus  comes  from  outside  in  the  form  of  regulatory 
mandates. 

“Many  companies  are  faced  with  new  regulatory 
requirements,  like  [the  Health  Insurance  Portability  and 
Accountability  Act]  in  healthcare  or  new  SEC  rules  in 
the  financial  industry]’ says  Suzie  Ray,  director  of  Ernst  & 
Young’s  Business  Continuity  and  Availability  Practice. 
Top  management  must  inform  the  board  and  audit 

See  Culture,  page  S6 


The  IP  PBX  company  rated  #1  by  IT  professionals... 


It’s  Shoreline. 


'Nemertes  Research.  Implementing  IP  Telephony  Report,  July  2003 
This  report  was  not  commissioned  by  Shoreline,  nor  was  it  sponsored  by  Shoreline. 
It  is  an  independent  study 


In  a  new  Nemertes  Research  study,  Shoreline  dominated. 

It  was  the  only  company  reviewed  that  specializes  in  IP  PBX 
systems  for  the  enterprise. 

#1  in  every  category. 

Shoreline  was  rated  #1  for  system  ease  of  use,  manageability, 
performance,  technology,  cost  effectiveness  AND  customer 
service.  Rated  #1  for  delivering  just  what  you  want. 


You’ll  get  an  IP  PBX  solution 

that’s  easy  to  install  and  manage,  specifically  designed  for  IP 
Telephony  from  the  start.  With  a  single-system  view  and  the 
ability  to  run  your  entire  multi-site  network,  it  is  the  solution 
that  can  make  your  people  more  productive...  the  solution 
judged  #1  by  the  IT  professionals  who  have  experience 
installing  IP  PBXs. 

For  your  free  copy  of  the  Nemertes  Research  executive  sum¬ 
mary,  visit  our  web  site  at  http://networld.goshoreline.com 


or  call  1-877-80SH0RE. 


http://networld.goshoreline.com 

Copyright  2003,  Shoreline  Communications 
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step  by  step 

Keeping  business 
units  engaged  in 
business  continuity 
takes  some  work, 
according  to  John 
Robinson,  director 
of  JR  Consulting 
Partners,  a  busi¬ 
ness-continuity 
consulting  firm. 

He  suggests  these 
eight  steps: 

Allow  the  business 
to  influence  IT 
recovery  timeframes 
by  completing  a  quanti¬ 
tative  business-impact 
analysis. 

2  Identify  an  IT-literate 
business  continuity 
champion  and 
empower  that  person  as 
an  internal  auditor. 

Generate  public 
relations  internally 
whenever  a  conti¬ 
nuity  event  occurs. 

Set  up  intranet 
pages  and  update 
them  regularly  with 
continuity  information 
and  material. 

5  Allow  the  business 
to  be  wrong. 

Business  heads 
believe  their  area  is 
“critical.” 

6  Eliminate  IT-speak 
outside  of  the  IT 
department. 

Concentrate  on  prioritiz¬ 
ing  the  services  that  IT 
provides,  not  how  it 
provides  them. 

7  Make  participation 
an  enjoyable, 
instructive  and 
rewarding  experience. 
Highlight  success  so 
people  want  to  be  asso¬ 
ciated  with  continuity. 

8  Make  continuity 
considerations  an 
integrated  part  of 
ever)'  new  project,  both 
inside  and  outside  of  IT 


Culture 

continued  from  page  S4 


“Our  exposure 
became  readily 
apparent,  find 
we  all  worked 
to  get  the  plan 
to  be  more  busi¬ 
ness-driven.” 

Mitch  Hodus,  vice  president 
of  technology  operations, 
Evergreen  Investments 


committee  on  how  the  company’s  infrastructure  is  protected.  “And  that 
means  business  continuity  is  being  elevated  within  companies  to 
become  a  core  initiative,”  she  says. 

Recent  events  and  the  current  business  climate  also  serve  to  spur  top 
management  to  drive  business  continuity  throughout  the  organization. 
“With  two  major  events  in  New  York  in  just  two  years,  people  can’t  put  it 
off  and  say  disasters  don’t  happen, ’’says  Julian  Morris,  IT  director  at  Draft 
Worldwide,  an  advertising  company  based  in  NewYork.“If  you’re  not  pre¬ 
pared,  you  go  out  of  business  —  period.” 

Top-level  buy-in  makes  it  easier  to  get  everybody  involved  in  business- 
continuity  planning,  the  ultimate  goal.“Our  chief  operating  officer  basically 
told  his  direct  reports  that  business  continuity  is  important,  you  will  par¬ 
ticipate  or  it  will  impact  your  bonus.  Everyone  got  onboard,”  Hodus  says. 

John  Robinson, director  of  JR  Consulting  Partners, a  busi¬ 
ness-continuity  firm,  agrees.  “We  write  an  executive 
mandate,  give  it  to  the  chief  executive  and  get  him  to 
sign  it,”  he  says.“Then  everyone  can  see  it’s  a  corpo¬ 
rate  mandate  and  take  it  to  heart.” 

Once  you  have  that  mandate,  you  can  ask  each 
department  to  analyze  its  processes  for  risk  and  con¬ 
tinuity  contingencies,  a  key  element  in  building  con¬ 
tinuity  culture.“Every  unit  needs  to  think  through  crit¬ 
ical  business  processes,  identify  them  and  decide 
what  the  tolerances  are,”  says  Amy  Carroll,  business- 
continuity  manager  at  Evergreen  .“There  are  business 
processes  you  take  for  granted  that  are  key  Unless 
you  take  the  time  to  analyze  that,  they  can  get  left  out 
of  the  plan.  But  with  departments  taking  an  active 
role,  and  some  prodding  from  someone  like  me, you 
can  mitigate  that.” 

Getting  the  whole  company  behind  business 
continuity  also  helps  the  budget  issue.  “In  firms 
with  a  culture  of  continuity, the  continuity  budget  is 
spread  across  business  units,”  Ernst  &  Young’s  Ray 
says.  “Everyone  owns  it,  so  everyone  pays  for  it.  IT  shouldn’t  bear  the 
brunt  of  it.” 

Gary  Foster,  CTO  at  Omgeo.a  New  York  financial  application  and  service 
provider,  goes  along  with  that.The  investment  starts  out  with  a  technical 
weight,”  he  says.“But  that  changes  as  you  start  to  spend  more  on  training 
and  crisis  management,  looking  at  it  from  a  business  point  of  view” 

The  culture  also  works  to  get  people  to  budget  for  continuity  almost 
automatically  “We  duplicate  all  of  our  mission-critical  applications  at  a 
recovery  site,” Evergreen’s  Hodus  says.“And  so  when  any  department  thinks 
about  bringing  up  a  new  mission-critical  server  on  the  production  side,  it 
actually  budgets  for  two,  taking  continuity  into  account.” 

The  extended  team 

Companies  with  strong  cultures  of  continuity  tend  to  include  business 
partners,  vendors  and  customers  in  their  plans. 

“After  9/11,  a  lot  of  companies  realized  they  needed  to  expand  the 
scope  of  their  plans  beyond  their  own  facility,  to  taking  their  suppliers, 
vendors  and  external  customers  into  account,”  Ernst  &Young’s  Ray  says. 
She  says  a  large  Minneapolis  retailer  she  works  with  was  not  physically 
affected  by  Sept.  11,  but  it  hadn’t  planned  on  U.S.  Customs  being  af¬ 
fected,  borders  being  shut  down,  its  bank  being  unavailable  and  cus¬ 
tomers  sitting  at  home  in  front  of  TVs,  not  shopping  in  its  stores. “They 
were  OK,  but  everything  else  wasn’t,” she  says. 

Foster  says  that  although  Omgeo’s  New  York  office  was  up  and  running 
on  generator  power  and  was  only  minimally  affected  by  the  blackout  in 
August,  many  of  its  customers  weren’t  prepared.  “And  frankly,  if  our 
clients  can’t  carry  on,  we’re  not  doing  much  business,”  he  says. “So  90% 
of  our  continuity  efforts  then  were  put  into  assisting  our  clients.” 

Some  companies  include  customers  in  continuity  testing.  “We  work 
with  our  strategic  partners,  our  clients,  to  design  our  continuity  tests,” 
Draft’s  Morris  says.  "It  gives  us  a  competitive  advantage  because  our 
clients  know  they’re  getting  the  best  of  service  and  know  they  can  count 
on  us.They  take  an  active  part  and  have  a  voice  in  the  plan.” 


But  perhaps  the  best  way  to  build  a  culture  of  continuity  is  to  com¬ 
municate  the  importance  of  continuity  analysis  and  planning  on  a  daily 
basis  to  everyone  within  the  company. 

The  simple  things  make  the  difference,  such  as  adding  continuity  to 
the  regular  executive  strategy  speeches,  Morris  says.“So  the  top  exec  has 
a  speech  where  he  says, This  year,  we’ll  make  X  amount  of  revenue,  we’re 
going  to  increase  our  training  program.be  more  family-oriented,’ and  so 
on.  And  part  of  it  also  needs  to  include  business  continuity  as  something 
that’s  great,  a  plus  and  a  benefit,  a  core  competency” 

Companies  should  address  business  continuity  at  the  point  of  hire, so 
that  from  Day  One,  each  employee  knows  the  priority.  Draft  delivers  a 
continuity  presentation  to  new  hires,  includes  a  continuity  handout  in 
the  employee  handbook  and  posts  the  business-continuity  plan  on  the 
backs  of  doors  and  cubicle  walls,  Morris  says. 

Another  way  to  keep  the  idea  in  the  forefront  is  to  give  employees  a 
card  with  a  toll-free  number  to  call  to  get  company-specific  information 
during  a  disaster  or  continuity  situation. “When  they  call,  it  tells  them 
whether  to  come  into  work  or  not,  and  what’s  being  done  at  the  com¬ 
pany  at  various  stages  of  the  recover^  he  says. 

Morris  concludes, “It’s  a  lot  easier  to  push  continuity  into  the  everyday 
business  culture  now  because  we’ve  seen  evidence  that  these  things 
can  happen  and  anything  is  possible. You  might  not  be  able  to  plan  for 
everything,  but  you  can  ensure  the  key  parts  of  your  business,  and  your 
people,  know  what  to  do  in  the  event  of  disaster  and  know  how  to 
respond  and  recover. That’s  what’s  important.” 

Cummings  is  a  freelance  writer  in  North  Andover,  Mass.  She  can  be 
reached  at  jocummings@comcast.net. 
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Only  Avocent  gives  you  complete  Click  and  Connect™ 
control  of  your  data  center  —  all  from  a  single  screen 


Download  your 

FREE 

KVM  Tech  Guide  today! 

Don’t  choose  a 
KVM  switching  system 
without  it! 

www.avocent.com/reality 


Now  you  can  see  what’s  really  happening  in  your  data  center.  Avocent’s  DS  Series  lets 
you  access,  maintain  and  troubleshoot  all  your  servers  and  serial  devices  over  IP  -  no 
matter  where  you  are,  even  over  a  browser.  Authenticate  once  and  control  it  all. 

Get  real,  get  the  best  KVM  OVER  IP  solution  available  today.  The  Avocent  DS  Series. 

Avocent. 

The  Power  of  Being  There, 

Avocenl.  the  Avocent  logo.  Click  and  Connect  and  The  Power  of  Being  There  are  trademarks  or  registered  trademarks  of  Avocent  Corporation  Copyright  ©  2003  Avocent  Corporation 
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No  business 


BY  JULIE  BORT 

Before  you  declare  your  business-conti¬ 
nuity  planning  complete,  ask  yourself 
this:  What  happens  when  the  alarm 
sounds,  be  it  for  a  natural  disaster,  a 
power  grid  failure  or  a  security  breach?  If 
you  don’t  have  people  trained  and  ready 
to  respond,  no  matter  the  situation,  then 
you  won’t  be  as  prepared  as  you  ought  to 
be.  What  you  need  is  an  incident 
response  team,  one  that  has  dedicated 
resources  and  coordinated  processes,  say 
business-continuity  experts. 

Those  who  have  already  adopted  formal  internal  IRTs 
say  the  benefits  run  deep."Many  people  think  that  incident 
res|x>nse  is  reactive  mode,  but  a  good  1RT  will  work  to  pro¬ 
tect  the  network  and  to  avoid  incidents  —  and  if  they  can¬ 
not  be  avoided,  to  react  quickly  and  effectively  says  Mario 
Chiock,  global  manager,  Incident  Response  Team,  for  oil 
field  services  company  Schlumberger,  in  Houston. 

Other  experts  say  an  IRT  keeps  a  company’s  options 
open  Think  of  this  as  a  fire  department.  Putting  out  the 
fire  is  part  of  it.  but  they  also  have  to  research  the  after¬ 
math,”  says  Julie  Lucas,  an  IRT  director  for  a  Fortune  500 


financial  services  company  and 
author  of  The  Effective  Incident  Re¬ 
sponse  Team. 

A  trained  team  will  give  the  com¬ 
pany  systematic  analysis  so  it  can 
determine  the  who,  what,  when, 
where  and  why  of  an  incident,  Lucas 
says.  If  an  incident  is  security  related,  the 
team  also  will  collect  and  preserve  evi¬ 
dence  needed  for  potential  prosecution. 

Building  an  IRT  needn’t  be  grueling.  It  involves  desig¬ 
nating  appropriate  personnel,  ensuring  proper  training, 
and  implementing  reporting  and  tracking  procedures. 

Flexible  but  pre-determined 

Because  IRTs  help  ensure  that  necessary  IT  systems  stay 
available  under  all  conceivable  circumstances,  they 
should  be  staffed  with  “a  mix  of  talents,”  Lucas  says.  Most 
team  members  would  be  from  IT,  representing  various 
technology  skills.  But  a  capable  team  would  include  gen¬ 
eral  project  managers  to  assist  with  critical  business 
issues;  corporate  counsel, should  a  breach  lead  to  law  en¬ 
forcement  actions  or  affect  customer  contracts;  corporate 
communications  representatives, for  handling  discussions 
with  the  public,  press  or  customers;  human  relations  man¬ 
agers,  for  communicating  with  employees;  and  physical 
security  specialists,  for  securing  buildings  or  removing 
suspect  employees.  Each  team  would  have  roles  for  a 
company’s  specific  needs  or  the  incident  at  hand. 

Dynegy  has  woven  IRTs  into  its  crises  management  pro¬ 
cesses,  which  are  part  of  a  bigger  business-continuity  strat¬ 


egy,  says  Bobby  LeBlanc,  senior 
director  of  business  services  at  this 
Houston  energy  company.  Dynegy 
considers  crises  management 
teams  the  front-line  defenders 
against  a  range  of  potential  business 
disruptions:  an  unruly  virus  or  hack 
attack,  certainly,  but  also  fire,  bomb 
threats,  terrorists  attacks  and  natural  disas¬ 
ters.  For  a  hurricane,  he  could  pull  together  a  team 
hours  or  days  in  advance,  and,  besides  the  network  and 
data-center  techies,  he’ll  also  make  sure  the  team  includes 
a  meteorologist.  On  the  other  hand,  for  a  fast-spreading 
worm  that  hits  with  no  warning,  ITrelated  team  members 
would  meet  quickly  and  handle  containment  on  their 
own."Flexibility  is  absolutely  key. You  have  to  be  prepared 
for  practically  anything,’’  LeBlanc  says. 

As  to  what  IT  people  to  involve,  start  at  the  top.  CIO  and 
top  network  executive  support  is  critical.  'ITiey  “need  to 
support  the  team  with  resources,"  particularly  people, 
Lucas  says.  She  warns  that  in  a  large  company,  many  IRT 
functions  easily  can  be  full-time  jobs. 

Often  the  network  manager  is  the  IRT  champion, calling 
for  help  after  being  overrun  by  intrusion-detection-system 
alarm  investigations  and  other  constant  security-related 
incidents.  When  a  company  has  a  chief  security  officer, 
that  person  tends  to  lead  the  IRT  —  as  all  IT  team  mem¬ 
bers  must  be  security-trained.  Recognizing  the  symptoms 
of  a  security  breach  and  determining  what  has  been  or 
could  be  compromised  are  core  IRT  responsibilities. 

See  Incident  page  S10 


continuity  plan  is 
complete  without  a 
computer  SWAT  team  to 
protect  systems  from 
a  multitude  of 
disruptions. 


FREE  SEMINAR! 

Register  for  new  Foundry  Networks  Enterprise  and  Server  Load 
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JOIN  US! 


We’ll  be  at  EDUCAUSE,  booth  462, 
on  November  4-7, 2003.  Details  at 


www.foundrynet.com/about/newsevents/events.html 


The  Journey  df  the  Leader  in  Layer  4-7  Load  Balancing  Switches 

Performance.  Intelligence.  Security.  Price. 


Serverlron  — when  it  comes  to  Layer  4-7  load  balancing,  there  is  no  summit! 
just  a  continuous  journey.  Foundry’s  Serverlron  switches  continue  to  be  the  trailblazer 
for  server  scalability  with  one  accomplishment  after  another.  Serverlron  switches  protect 
servers  against  deniat-ot-service  attacks,  improve  server  scalability,  and  vastly  enhance  server 
reliabilitv.  Serverlron  makes  it  easy  to  manage  all  your  networked  applications  and  improve  user 
response  time  while  eliminating  application  downtime.  It’s  the  industry  leader  in 
performancedntelligence,  security,  and  price.  So  it's  no  coincidence  that  Serverlron  is  the 
product  of  choice  for  the  worlds  largest  and  most  demanding  customers.  Visit  us  today  at 
w  w  w.fotmdrvnetworks.com  si.  Or  call  1  .SSS.TURBOLAN  (1  ,888.887.2652). 
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continued  from  page  8 

Even  so, a  team  likely  will  draw  heavily  on  network  staff, 
and  the  network  executive  must  be  supportive.  And  all  IT 
departments  could  be  called  upon.  For  instance,  the  data¬ 
center  manager  must  be  willing  to  supply  staff  to  help 
with  an  investigation  or  to  activate  backup  plans. 

If  your  company  has  a  zero-tolerance  policy  that  says 
every  potential  threat  must  be  planned  for  and  every  inci¬ 
dent  analyzed,  then  IRT  work  will  be  time-consuming, 
LeBlanc  warn.  IT-related  IRT  roles  likely  will  be  full  time, 
especially  for  large  companies. 

Schlumberger’s  Chiock  says  full-time  incident  re¬ 
sponse  professionals  are  perfect  for  security  preven¬ 
tion  tasks.  They  should  handle  patch  management,  fire¬ 
wall  administration,  employee  policy  creation  and  train¬ 
ing.  As  such,  IRT  members  gain  the  kind  of  systems  knowl¬ 
edge  they  need  to  do  their  response  jobs. 
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Identification 


Seven  steps  to  Not™tlon 
incident  response 


While  incident  response 
teams  are  reactive,  the 
steps  they  take  for  prepa¬ 
ration  and  evaluation  makes 
them  proactive  as  well. 
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Training  and  tools 

As  for  training, CERT  in  July  crafted  a  multi-year  IRT  cer¬ 
tification  program  for  IT-related  initial  incident  handling 
all  the  way  through  team-management  level, says  Barbara 
Laswell,  manager  for  the  Network  Systems  Survivability 
program  at  CERT  Coordination  Center  at  Carnegie  Mellon 
University 

Similarly  the  Forum  of  Incident  Response  and  Security 
Teams  (FIRST)  assists  companies  —  about  200  worldwide 
since  its  founding  10  years  ago  —  in  creating  formal, inter¬ 


nal  teams,  Laswell  says.  CERT  is  a  founding  member  of  this 
international  coalition  of  IRT  specialists,  which  offers  sym¬ 
posiums,  written  guidelines,  technical  information  and 
access  to  experienced  IRT  professionals. 

Despite  the  Sept.  1 1  attacks  and  the  US’s  continued  geo¬ 
political  turmoil,  training  on  how  to  respond  to  incidents 
hasn’t  changed, says  Klaus-Feter  Kossakowski,  chair  of  the 
FIRST  Steering  Committee,  in  Hanover,  Germany. 

If  you  learn  how  to  thwart  a  malcontent  hacker, then  you 
will  know  how  to  defend  against  Internet-borne  terrorism 


Lucas  points  to  software  providers  Guidance  Software 
and  New  Technologies,  as  good  sources  for  computer 
security  forensics  training. 

The  IRT  champion  also  must  consider  how  to  give  em¬ 
ployees  guidance  on  how  to  report  suspicious  activity  or 
what  to  do  when  their  desktops  are  threatened  be  it  by 
virus  or  a  bomb  threat.Telephone  hotlines  and  e-mail  ad¬ 
dresses  are  helpful  as  reporting  tools,  while  email  broad¬ 
casts  let  the  team  communicate  to  employees  about  inci¬ 
dents.  Software  vendors  such  as  Remedy  also  offer  so- 
called  crisis-management  products.These  help  automate 
the  steps  involved  in  incident  response  from  receiving  the 
first  alert  through  closure. 

Similarly  IT  outsourcers  such  as  Schlumberger’s  Serna 
use  security  assessment  tools  helpful  for  an  IRTThe  “secu¬ 
rity  dashboard,”  developed  for  Schlumberger’s  internal 
use, gauges  the  health  of  security  across  a  company  rather 
than  relying  on  multiple  logs,  Chiock  says. 

The  dashboard  tracks  incident  and  response  statistics, 
found  vulnerabilities  and  training  completed,  for  in¬ 
stance,  and  generates  reports.  These  reports  help  tally 
performance  pay  —  5%  of  total  compensation  for  every 
manager  is  tied  to  meeting  security  goals,  he  says. 
Equally  important,  the  dashboard  lets  Chiock  update 
the  board  of  directors  on  security  issues,  keeping  the 
purse  strings  open. 

In  today’s  networked  world,  incidents  are  a  given. 
Only  by  proactively  managing  them  with  dedicated 
resources  will  they  cease  to  hold  business-threatening 
power.  ■ 
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Show  the  purseholders  the  wisdom  of  prevention  to  gain  the  funds  needed  for  business-continuity  services. 


1  Figure  out  exactly  how  much 
«  money  is  lost  during  a  typical 
outage  and  compare  that  with  the 
relatively  inexpensive  cost  of  pre¬ 
venting  those  losses. 

Jason  Buffington,  director  of  busi¬ 
ness  continuity  at  continuity-soft- 
ware  vendor  NS1  Software  uses  tape 
backup  as  an  example.  Here,  a  half 
day  is  the  credible  amount  of  time 
from  when  the  outage  occurs  until 
data  is  restored  to  the  most  recent 
backup,  he  says.  Multiply  that  down¬ 
time  by  the  costs  incurred  per  hour 
by  the  business.  The  costs  should 
include  salaries  for  people  left  idle,  as 
well  as  lost  revenue  and  regulatory 
penalties  that  would  result  from  the 
outage.  Do  the  math,  and  you  get  a 
realistic  amount  to  bring  to  upper 
management. 

“If  more  companies  took  a  good  look 
at  the  cost  of  downtime,  they  would 
realize  the  importance  of  having  a 
sound  recovery  plan,”  says  Julian 
Morris,  IT  director  at  Draft  Worldwide, 
a  New  York  advertising  agency.  “We 
looked  at  the  cost  of  lost  productivity, 
not  taking  into  account  any  revenue 
[that  would  have  been]  generated, 
and  for  us.  it's  typically  about  $14,000 
per  hour  for  our  major  offices." 

In  the  August  blackout,  Draft’s  New 


York  office  was  down  10  hours.  That 
cost  the  company  about  $140,000  in 
lost  productivity.  “After  the  event,  I 
said  to  upper  management,  ‘Re¬ 
member  the  plan  I  wanted  to  do  with 
the  standby  server  and  the  cost  was 
such  that  you  wanted  to  put  it  off? 
What  we  lost  now  would  have  paid  for 
it,”’  he  says. 

2  Help  the  business  side  of  the 
•  house  take  a  realistic  view  toward 
continuity  planning,  too.  “A  lot  of 
times,  you  ask  the  business  unit  what 
it  wants,  and  it  comes  back  with  the 
Cadillac  plan  —  we  need  all  of  our 
servers  back  instantaneously,  with  no 
downtime,”  says  Dieter  Marlovics,  CIO 
at  Gelber  Group,  a  financial  services 
firm  in  Chicago.  “So  you  say,  ‘OK, 
here’s  what  that  will  cost  you.’  It  takes 
a  look  at  that  number,  compares  it  to 
the  cost  of  downtime,  and  realizes, 
well,  hey,  maybe  we  can  be  back  in 
three  hours  and  maybe  we  just  need 
these  three  servers.”  With  a  little  back 
and  forth,  you  can  find  the  sweet  spot 
where  the  business  unit  is  comfort¬ 
able  with  the  service  level  and  the 
price,  he  says. 

You  also  need  to  explain  the 
options.  At  Evergreen  Investments, 
Mitch  Hodus,  vice  president  of  tech¬ 


nology  operations,  sold  upper  man¬ 
agement  on  an  expensive  replication 
system  by  outlining  the  savings  in  ad¬ 
ministration  and  staff  costs.  “Once  we 
looked  at  the  alternatives,  we  saw 
that  over  time,  we  were  actually  sav¬ 
ing  money  on  staffing,”  he  says. 

And  don’t  try  forcing  upper  manage¬ 
ment  into  covering  everything  at 
once,  says  Suzie  Ray,  director  of  Ernst 
&  Young’s  Business  Continuity  and 
Availability  Practice.  “Most  executives 
can  tell  you  that  out  of  20  business 
processes,  five  are  most  critical.”  she 
says.  Prepare  those  five  and  put  off 
the  rest  until  next  year. 

3  Consider  the  little  things.  Even 
t  after  factoring  in  the  true  cost  of 
downtime  and  comparing  it  with  the 
cost  of  investing  in  continuity  plan¬ 
ning,  some  companies  still  have  trou¬ 
ble  justifying  the  cost.  “But,  there  are 
things  you  can  do  that  cost  very  little 
and  can  protect  you.  Maybe  you  can’t 
afford  to  relocate  to  a  disaster-recov¬ 
ery  site,  but  you  can  call  your  cus¬ 
tomers  and  give  them  the  phone  num¬ 
ber  of  a  different  business  site  to  call 
for  service,”  Hodus  says. 

At  the  very  minimum,  experts  say 
firms  need  to  do  crisis  management. 
“They  need  to  make  sure  everyone 


understands  their  roles  and  responsi¬ 
bilities,  and  that  you  have  people 
lined  up  who  can  make  key  decisions,” 
Ray  says.  “You  have  to  communicate 
to  your  employees  your  evacuation 
plan,  your  emergency  response  and  so 
on.  You  have  to  make  sure  you  can 
take  care  of  your  people.  That’s  impor¬ 
tant,  and  it’s  not  expensive.” 

4  Other  low-cost  strategies  include 
.  training  your  business  staff  on 
pre-Internet  technologies.  Morris  re¬ 
counts  the  time  Draft  lost  Internet  and 
e-mail  access  for  a  day.  “People  were 
stymied.  They  didn't  know  how  to  use 
the  fax  machine  or  that  they  could 
have  a  courier  deliver  a  document," 
he  says. 

Rather  than  focusing  on  costs,  focus 
on  the  plus  side  of  being  up  during  an 
outage  or  disaster.  “People  who  are 
better  equipped  will  take  advantage  of 
the  opportunities  the  less  well- 
equipped  ones  are  missing  during  a 
disaster,”  says  John  Robinson,  direc¬ 
tor  of  JR  Consulting  Partners,  a  disas¬ 
ter-recovery  firm.  “So  spending  on 
business  continuity,  depending  on 
your  business,  can  be  a  competitive 
advantage." 

—  JOANNE  CUMMINGS 


How  Primitive 


is  Your  Backup 


Solution  ? 


Step  out  of  the  STONE  AGE  with  PowerQuest  V2i  Protector 


Stop  relying  on  old  technology  to  protect  your  Why  try  to  reinvent  the  wheel  using  outdated  technology 

servers  and  desktops.  It  leaves  your  company’s  mission  like  tape  backup? 


critical  data  unprotected  and  exposed  to  permanent  loss. 
Today’s  tape  backup  and  recovery  solutions  are  often: 
Slow  -  taking  all  night  to  back  up  your  servers  and  more 
than  four  hours  or  longer  to  restore  an  individual  system. 
Expensive  -  requiring  expensive  software  plug-ins, 
dedicated  hardware  and  highly  skilled  technicians. 
Unreliable  -  ignoring  critical  data  leaving  you  with 


PowerQuest*  V2i  Protector  " 


-  Backup  Anything,  Anytime,  Anywhere. 


To  learn  more  and  view  the  on-demand  “Disaster  Recovery  Secrets”  webcast,  visit: 

www.powerquest.com/stoneage2 


incomplete  backups  and  unsuccessful  recoveries. 


-  Restore  a  system’s  Active  State  in  Minutes ! 


©  2003.  All  rights  reserved  This  product  and  its  use  are  subject  to  a  license  agreement  and  are  also  subject  to  copyright,  trademark  and/or  patent  laws. 

Please  refer  to  www  powerquest.com/legal  for  details.  PowerQuest,  V2i  Protector  and  the  PowerQuest  Swirl  are  trademarks  or  registered  trademarks  in  GLOBAL  DEPLOYMENT  AND  RECOVERY  Automata 
the  United  States  and  elsewhere  All  other  brand  and  product  names  are  registered  trademarks  or  trademarks  of  their  respective  owners. 
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THE  INTERNET  SECURITY  DILEMMA: 


With  complex  networks  and 

scarce  resources,  how  do  you  formulate  a 

COMPLETE  SOLUTION? 


The  SonicWALL  PRO  Series-redefining  value  and  performance! 

Introducing  the  threat  minimizing,  budget  maximizing,  enterprise-class  SonicWALL  PRO  3060  and  4060  security  platforms. 
Boasting  the  highest  capacity  firewall  and  VPN  encryption/decryption  performance  in  their  class,  the  new  PRO  products 
feature  the  revolutionary  SonicOS  2.0.  Rich  with  tools  for  IT  administrators,  the  PRO  solution  delivers  vital  networking  and 
management  features,  including  multiple  forms  of  WAN  Fail-over,  ISP  Load  Balancing,  Object-Based  Management,  six 
completely  configurable  interfaces,  and  a  host  of  other  key  power  features  typically  found  only  in  products  costing  twice 
as  much.  As  always,  SonicWALL  delivers  the  ultimate  in  value,  bundling  generous  site-to-site  and  mobile  VPN  Client  tunnels. 
For  detailed  information  on  the  PRO  3060  and  PRO  4060  visit  www.sonicwall-info.com/pnw  or  contact  one  of  the 
authorized  resellers  below. 

>  SonicWALL ,  the  leader  in  comprehensive  Internet  security. 
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BY  PAUL  DESMOND 


Typical  of  any  company  in  the  financial 
industry,  Euronext.liffe  puts  a  premium  on 
business  continuity.  After  a  number  of 
acquisitions,  the  derivatives  trading 
exchange  spent  the  last  year  building  a 
high-speed  network  and  setting  up  dual 
data  centers,  one  in  London,  the  other  in 
Paris.  The  company’s  “dual-site  live”  strategy 
means  neither  data  center  is  a  backup  to 
the  other.  Rather,  the  two  constantly  share 
the  load,  although  the  entire  business  can 
run  from  just  one,  if  necessary. 

To  accomplish  dual-site  live,  the  company’s  IT  arm, 
Euronext.liffe  Market  Solutions,  replicates  data  between  stor¬ 
age-area  networks  (SAN)  located  at  the  two  data  centers. 
While  such  an  application  might  connote  a  synchronous  link 
using  optical  technology  Market  Solutions  is  instead  using 
Fibre  Channel  over  IP  (FCIP),  implemented  on  its  four  Cisco 
MDS  9509  SAN  switches.  FCIP  supports  an  asynchronous  con¬ 
nection  over  an  IP  network  between  Fibre  Channel-based 
storage  equipment,  which  effectively  eliminates  the  distance 
limitation  that  has  relegated  synchronous  replication  to  met¬ 
ropolitan-area  applications.  That  makes  FCIP  a  boon  for  any 
company  looking  to  replicate  data  out  of  region. 

“Any  natural  disaster  or  terrorist  action  is  unlikely  to  lead 
to  losing  two  data  centers  in  two  different  countries,”  says 
Mark  Hemsley,  managing  director  of  Euronext.liffe  Market 
Solutions. 

FCIP  isn’t  the  only  technology  for  asynchronous  replication 
between  Fibre  Channel-based  systems.  The  Internet  Fibre 
Channel  Protocol  (IFCP),  touted  mainly  by  Nishan  Systems 
(which  was  recently  acquired  by  storage  switch  vendor 
McData),  accomplishes  the  same  thing,  albeit  in  a  somewhat 
different  fashion. 

FCIP  and  IFCP  are  implemented  in  SAN  switches  that  take 
in  a  Fibre  Channel  feed  and  encapsulate  the  data  in  IP  The 
other  part  of  the  equation  is  software  that  handles  the  repli¬ 
cation,  ensuring  data  is  the  same  on  both  sides.  All  the  big 
storage  system  vendors  have  some  sort  of  remote  copy  soft¬ 
ware  that  works  at  the  block  or  disk  level,  such  as  Hitachi 
Data  Systems'  TrueCopy  and  EMC’s  Symmetrix  Remote  Data 
Facility  (SRDF)  and  the  recently  announced  asynchronous 
version,  SRDF/A.  Software-only  replication  from 
Software,  Topio,  XOsoft  and  Veritas  Software  works 
file-system  level,  looking  for  changes  as  they  are  written. 
These  offerings  work  with  standard  Windows,  Unix  or 
Linux  servers  and  require  no  special  switches  or 
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Training  video  is  content.  Seismic  studies  are  content.  And  so  are  CAT 
scan  images,  PDF  files,  audio  clips  and  presentations.  According  to  the 
analysts,  an  avalanche  of  content  is  about  to  land  on  top  of  your  data  center. 
Are  you  ready?  With  a  Sony  PetaSite®  data  tape  library,  you  will  be. 

Sony's  PetaSite  libraries  extend  beyond  terabytes  into  petabytes— to 
keep  abreast  of  your  growing  storage  needs.  SAIT  PetaSite  libraries 
leverage  the  world's  highest  capacity  data  cartridge'— SAIT— to  achieve 
the  highest  storage  density.  So  you  save  precious  data  center  space.  SAIT 
also  offers  the  lowest  tape  cost  per  gigabyte."  So  you  save  money.  Or 
choose  Sony's  DTF-2  PetaSite  libraries,  which  have  lightning-fast  loading 
and  file  access.  So  you  also  save  time. 


Sony  PetaSite  libraries  are  ideal  for  backup,  archiving  and  Flierarchical 
Storage  Management.  Sony  PetaBack®  and  PetaServe®  solutions  give 
you  even  greater  flexibility. 

Sony  PetaSite  libraries.  The  Work  Smart  solution  for  storing  content. 
Work  Smart.  Work  Sony. 

•Source:  Storage  Analytics'  Tape  Format  Faqts.  1/24/03 
••Media  comparison  based  on  MSRPs  of  SAIT.  LTO,  AIT-3  and  SDLT  mid-range  formats  as  featured  in  CDW.  1/23/03 


VISIT  WWW.SONY.COM/DATASYSTEMS  OR  CALL  800-829-7669  FOR 
MORE  INFORMATION  ON  SONY'S  PetaSite  SOLUTIONS. 


PetaSite  TAPEDRIVES 
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©  2003  Sony  Electronics  Inc.  AU  rights  reserved.  Reproduction  in  whole  or  in  part  without  written  permission  is  prohibited  Features  and  specifications  are  subject  to  change  without  notice.  Sony.  PetaBack.  PetaServe  and  PetaSite  are  trademarks  of  Sony. 


Distance 

continued  from  page  14 

transport  protocols  —  just  a  plain  old  IP  connection. 

“The  thing  that  FCIP  and  IFCP  are  built  for  is  to  have 
identical  storage  at  both  ends,  where  you  mirror  data 
from  one  site  to  another,”  says  Marc  Farley  president  of 
Building  Storage,  a  storage  consulting  firm.  Products  such 
as  NSI  Software’s  Double-Take,  on  the  other  hand,  repli¬ 
cate  data  from  one  server  to  another,  but  the  two  data¬ 
bases  might  not  necessarily  be  mirror  images  of  one 
another  in  terms  of  data  structure,  and  the  data  might  not 
be  instantaneously  available.Yet  customers  who  are  using 
the  products  say  the  process  works  in  near  real  time,  cer¬ 
tainly  fast  enough  to  provide  for  business  continuity  if  not 
instant  access  to  data  after  an  event. 


“FCIP  is  the  de  facto  standard”  agrees  Steve  Duplessie, 
senior  analyst  with  Enterprise  Storage  Group.“But  Nishan 
is  probably  winning  the  war  as  far  as  product  sales  go,  so 
it’s  kind  of  a  moot  point.” 

Cisco  in  July  announced  its  own  proof-of-concept  dis¬ 
tance  demonstration,  along  with  Sprint  and  Hitachi  Data 
Systems.  The  vendors  established  an  OC-3  loop  between 
Sprint  labs  in  Burlingame,  Calif.,  and  Overland  Park,  Kan., a 
distance  of  about  1,800  miles.  They  attached  Hitachi  stor¬ 
age  systems  to  each  end  and  used  Cisco  MDS  9000  IP 
Storage  Services  modules  (an  add-on  to  the  MDS  9000  SAN 
switch)  to  establish  an  FCIP  connection  between  the  sys¬ 
tems.  The  vendors  achieved  near  line-speed  performance 
at  the  1,800-mile  distance  and  better  than  85%  of  line 
speed  for  a  3,600-mile  loop, says  Audrey  Harman,  manager, 
technical  staff,  for  Sprint. 


Distance  assistance 

Mirroring  data  between  distant  data  centers  becomes  possible  via  these 
asynchronous  IP-based  replication  options. 


■  Technology 

Description 

Example 

Fibre  Channel  over  IP 

Tunnels  data  from  Fibre  Channel-based  j 
end  systems  over  IP  networks. 

—  Cisco  MDS  9000  IP  Storage  Services  module 

Internet  Fibre 
Channel  Protocol 

Routes  data  from  Fibre  Channel-based 
end  systems  over  IP  networks. 

—  McData’s  Nishan  IPS  switches. 

Block-level  software 

Replicates  blocks  of  data  from  one 
storage  system  to  another. 

—  HitachiTrueCopy 

—  EMC  SRDF/A 

File  system-level 
software 

Replicates  data  changes  from  one  server 
or  storage  system  to  another. 

—  NSI  Software  Double-Take 

—  XOsoft  WANSync 

Proof  of  concept 

The  idea  of  replicating  data  to  a  far-away  back-up  site 
has  taken  on  new  urgency  with  the  heightened  aware¬ 
ness  of  business  resiliency  requirements  since  the  Sept.  1 1 
terrorist  attacks.  The  federal  government  also  has  made 
noise  about  requiring  companies  in  some  industries  to 
back  up  data  to  an  out-of-region  location,  although  it  has 
begged  off  implementing  exact  distance  requirements 
until  at  least  next  year. 

Vendor  efforts  to  demonstrate  the  viability  of  IP  as  a  trans¬ 
port  for  storage  data  over  long  distances  date  back  at  least 
two  years.  In  September  2001,  eight  computer,  storage  and 
network  companies  staged  the  “Promontory  Project,”  in 
which  they  achieved  speeds  of  2.5G  bit/sec  in  shipping 
storage  data  coast  to  coast  over  an  IP  link.  Nishan  provided 
the  IP  storage  switching  gear  for  the  demonstration,  using 
IFCP  to  package  Fibre  Channel  data  for  the  long-haul  link. 
IFCP  encapsulates  Fibre  Channel  data  just  as  FCIP  does, 
but  opens  each  frame  to  look  at  the  source  and  destination 
addresses  and  provides  a  substitute  address,  much  like  a 
network  address  translation  function, says  Tom  Clark, direc¬ 
tor  of  technical  marketing  at  Nishan.  That  makes  IFCP  a 
routable  protocol, he  says,  whereas  FCIP  merely  establishes 
a  tunnel  across  the  IP  network  between  two  Fibre  Channel- 
based  endpoints. 

A  couple  of  years  ago,  a  number  of  start-ups  were  work¬ 
ing  on  IFCP-based  products  ,but  ran  out  of  money  before 
the  market  developed,  Farley  says. 

That  left  Nishan  as  the  only  company  still  actively  push¬ 
ing  the  technology,  while  vendors  including  Brocade 
Communications,  Cisco  and  McData  —  at  least  before 
the  Nishan  deal  —  backed  FCIP 


Euronext.liffe’s  Hemsley  is  using  much  the  same  setup 
to  replicate  databases  of  some  7.5  terabytes  each  in 
London  and  Paris.  The  company  uses  about  655M  of  its 
2.5G-bit/sec  link  between  the  two  sites  for  the  replication 
application.  Hitachi’s  TrueCopy  handles  the  replication 
chores  while  the  Cisco  gear  implements  FCIP  The  setup 
replicates  data  with  only  10ms  of  latency  between  the 
SANs  on  each  end,  he  says. 

“It’s  extremely  effective,"  Hemsley  says.“We  can  start  appli¬ 
cations  in  minutes  out  of  a  second  data  center.  The  SAN 
isn’t  the  limiting  factor  —  the  SAN  speed  is  far  faster  than 
the  human  reaction  time.” 

No  switch  required 

Companies  that  have  more  limited  bandwidth  budgets, 
or  less  demanding  replication  requirements,  might  find 
the  software-only  replication  a  better  option. 

While  the  specifics  vary  depending  on  the  product,  in 
general  these  tools  ship  only  the  changes,  or  deltas,  from 
one  server  to  the  backup, as  opposed  to  sending  entire  disk 
blocks.  How  much  WAN  bandwidth  needed  is  a  function  of 
how  much  of  your  data  changes  and  how  frequently  “Any 
vendor  worth  its  salt  will  have  tools  to  record  your  traffic 
and  know  exactly  what  you  need,”  Duplessie  says.  Most  also 
have  a  throttling  mechanism,  through  which  they  essen¬ 
tially  buffer  data  until  WAN  bandwidth  is  available  —  at  the 
cost  of  immediacy 

PowerDsine.an  Israeli  company  that  makes  products  for 
shipping  electrical  current  over  Ethernet  networks,  uses 
XOsoft  s  WANSync  to  replicate  data  from  four  servers  at  its 
headquarters  in  central  Israel  to  a  backup  in 
Farmingdale,  N.Y,  on  Long  Island.  The  company  uses  no 


more  than  half  a  T-l  Internet  connection  for  continuous 
back  up  of  its  Microsoft  Exchange  server  and  product 
data  management  (PDM)  system,  which  holds  engineer¬ 
ing  data.  At  night,  the  company  also  backs  up  a  file  server 
and  data  from  its  ERP  system,  says  Yaron  Rachmany,  IT 
manager  for  the  firm. 

“The  hardware  solutions  we  looked  at  were  $80,000  to 
$100,000  and  up, ’’says  Asaf  Silberstin  ,vice  president  of  oper¬ 
ations  for  FbwerDsine. “Software  solutions  were  $20,000  to 
$30,000,  max.”The  company  selected  XOsoft  largely  on  the 
strength  of  its  compression  feature,  which  saves  bandwidth, 
and  its  rewind  capability  In  the  event  of  data  corruption,  the 
rewind  feature  lets  FbwerDsine  return  to  a  last  known  good 
state,  and  then  it  replicates  corrected  files. 

At  its  Israeli  headquarters,  FbwerDsine  replicates  data 
from  four  servers  to  one  server  running  WANSync.  Data 
from  that  server  is  then  compressed  —  50%  on  average  — 
and  replicated  to  a  similar  WANSync  server  on  Long  Island. 
In  tests  the  company  ran  before  moving  to  production 
mode,  it  got  Exchange  and  PDM  backup  servers  up  and 
running  “in  a  few  seconds,  or  a  few  minutes  in  the  worst 
scenario,”  Rachmany  says. 

An  alternative  to  tape 

Covanta  Energy  uses  a  WANSync  competitor,  NSI 
Software’s  Double-Take,  for  a  different  sort  of  replication 
requirement.  The  waste-to-energy  firm  operates  about  45 
power  plants  around  the  globe,  each  with  25  to  50  com¬ 
puter  users.  In  2002,  the  company  was  upgrading  servers  in 
27  U.S.-based  plants  and  needed  to  implement  a  backup 
strategy  It  looked  at  traditional  tape  backup,  but  the  price 
came  to  more  than  $240,000  to  outfit  each  server  with  a 
tape  drive  and  back  up  software,  says  Tony  Sica,  IT  director 
for  Covanta,  based  in  Fairfield,  N.J. 

Instead,  the  company  decided  to  run  Double-Take  on 
each  server  it  needs  to  back  up  and  replicate  the  data  in  a 
many-to-one  configuration  to  one  of  two  target  servers  in 
the  firm’s  Fairfield  data  center.  The  company  backs  up 
Exchange  servers  at  each  site  as  well  as  data  from  its  con¬ 
tinuous  emission  monitoring  system,  to  meet  Environ¬ 
mental  Protection  Agency  requirements. That  system  only 
generates  about  3G  bytes  of  data  per  year,  but  each 
Exchange  server  houses  about  30G  bytes  of  data, with  daily 
changes  running  around  10%. 

“[Double-Take]  works  when  your  systems  change  less 
than  20%  dailyf  Sica  says.  “If  we  needed  to  replicate  the 
whole  30G  each  day,  it’s  not  going  to  be  a  good  fit.” 

As  is,  the  back-up  application  requires  only  about  64K 
bit/sec  of  bandwidth  on  the  firm’s  frame  relay  network, 
which  has  512K  bit/sec  links  to  most  locations.  “Changes 
are  instantaneously  updated  to  New  Jersey  We  don’t  have 
to  go  to  last  night’s  backup  if  we  lose  a  server  in  the  middle 
of  the  afternoon,”  he  says.  If  a  disaster  destroys  an  entire 
server,  Sica  says  he  could  configure  a  new  one  with  data 
from  the  New  Jersey  site,  put  the  server  on  a  plane,  “and 
they’ll  have  it  four  hours  later.”The  data  center  servers  are 
backed  up  nightly  to  tape,  which  is  stored  off-site. 

At  a  cost  of  about  $2,000  per  server,  the  Double-Take 
implementation  saved  Covanta  more  than  $200,000  vs.  the 
tape-backup  route. 

The  upshot  is  providing  real  business  continuity  by  repli¬ 
cating  data  out  of  region  is  no  longer  an  exercise  only  for 
those  with  the  largest  IT  budgets. 

“We  were  very  impressed  with  the  technology  Fbwer- 
Dsine’s  Rachmany  says.  “When  we  started  our  project,  we 
only  dreamed  of  results  this  good.” 

Desmond  is  a  freelance  writer  in  Framingham,  Mass.  He 
can  be  reached  at  paul@pdedit.com. 
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Not  all  disk-based  backup  is  created  equal.  More  IT  professionals  have  chosen 
to  install  the  Quantum  DX30  solution  than  any  other  disk-based  backup  product.*  And  for 
good  reason.  The  Quantum  DX30  delivers  complete  and  hassle-free  optimized  backup  and 
restore  functionality  to  your  data  center.  It  integrates  quickly  and  seamlessly  with  your  existing  backup 
software  and  preserves  all  of  the  processes  that  you  have  built  to  ensure  that  your  company 
has  a  bulletproof  data  protection  plan. 

Optimized  for  your  backup  environment.  RAID  arrays  designed  for  general-purpose 
storage  applications  simply  are  not  designed  to  work  with  the  tape  functionality  of  backup 

software  packages  and  require  tuning  and  management  nearly 
identical  to  that  of  your  primary  storage.  You  certainly  could  use  an  off-the-shelf 
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array  to  stage  your  backup.  But  since  Quantum  has  already  taken  the  guesswork  out 
of  doing  it  yourself,  why  wouldn't  you  choose  the  DX30  for  your  disk-based 
backup  solution? 

Put  it  all  together.  Visit  us  on  the  Web  at  www.quantum.com/diskbackup 

to  receive  your  FREE  whitepaper  entitled,  "Enhanced  Backup  —  Delivering  Value  with 
an  Optimized  Backup  Appliance." 
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BY  MIKE  KARP 


IT  managers  today  are  caught  in  an 
endless  three-way  tug  of  war  when  it 
comes  to  storing  and  protecting  cor¬ 
porate  data.  Pulling  them  one  way  is 
their  legal  accountability  for  protecting 
intellectual  property.  Pulling  them  another 
way  is  their  need  to  prove  IT  effectiveness  by 
meeting  performance  metrics  laid  out  in  service- 
level  agreements. The  increasing  need  to  justify  how 
every  dollar  invested  in  IT  assets  supports  business 
processes  pulls  them  in  a  third  direction. 


The  importance  of  data  protection  —  and  of  managing  that  data  once 
it  has  been  protected  —  has  set  in  motion  several  storage  initiatives.  One 
of  the  most  interesting  is  the  concept  of  the  information  life  cycle,  which 
assumes  that  the  value  of  data  (and  of  the  information  it  provides)  will 
change  according  to  a  generally  predictable  set  of  circumstances. 
Because  the  circumstances  are  known,  managing  the  data  proactively 
throughout  each  stage  of  this  life  cycle  becomes  IT’s  job,  taking  into 
account  any  application  and  legal  requirements. 

The  term  information  life-cycle  management  (1LM)  might  be  relatively 
new,  but  the  concept  has  been  around  for  many  years.  Decades  ago,  even 
the  largest  storage  devices  were  small  compared  with  what  we  expect  to 
see  today  Mainframe  vendors,  under  pressure  from  IT  managers  facing 
space  constraints  on  their  primary  (and  very  expensive)  storage  devices, 
began  to  develop  methods  for  migrating  data  from  expensive  disk  drives 
such  as  Direct  Access  Storage  Devices  (DASD)  to  lower  performance  (but 
much  less  expensive)  tape  drives  and,  eventually,  to  optical  media.  IT 
managers  viewed  storage  as  a  hierarchy, with  fast/expensive  devices  at  the 
top  and  slower/less-expensive  devices  at  the  bottom.  And  so  the  process 
of  migrating  data  from  DASD  to  tape  became  known  as  hierarchical  stor¬ 
age  management  (HSM). 

Typically,  IT  managers  manually  initiated  this  data  migration  to  less- 
costly  devices.  'Hie  migrations  ran  as  batch  jobs,  and  first-in  first-out 
operations  through  which  older  data  was  “demoted”  to  the  lower  per¬ 
forming  devices  to  make  way  for  newer  data  irrespective  of  its  actual 
value.  Managers  looked  for  high  watermarks,  points  at  which  it 
appeared  that  disk  utilization  was  in  danger  of  being  maxed  out.  When 
this  happened,  they  usually  backed  up  or  archived  everything  on  a  disk 
to  tape.  They  managed  relatively  little,  however,  and  as  a  result,  tape 
media  companies  flourished,  whole  facilities  were  given  over  to  tape 
storage,  and  the  time  to  re-acquire  data  via  a  tape  restore  often  chal¬ 
lenged  even  the  most  patient  IT  managers. 

Nowadays, 11A1  focuses  on  understanding  the  value  of  the  reference 
data  that  supports  business  needs,  and  on  providing  policies  for  proac- 


analyst  tells  why 
understanding  the  value 
of  corporate  data  must 
come  before  your  no-fail 
business-continuity 
plan  can  soar. 


tively  managing  that  data  in  accordance  with  its  value. 
This  correlation  is  important.  It  means  the  manage¬ 
ment  system  moves  data  to  devices  that  provide  levels 
of  support  that  are  appropriate  to  the  data’s  value  and 
use.  High-value  data  that  must  be  accessed  frequently 
and  that  demands  high  availability  goes  on  high-perfor¬ 
mance  devices,  and  gets  access  to  high-performance 
backup  and  recovery  services.  Data  of  lower  value  (or  high- 
value  data  that  does  not  require  high-speed  access)  is  allocat¬ 
ed  to  slower,  less-expensive  devices. 

One  difference  between  ILM  and  HSM  is  that,  with  the  ILM  system,  data 
is  tracked  and  maintained  at  an  availability  level  defined  by  IT  manage¬ 
ment.  So  if  a  certain  dataset  requires  availability  within  30  minutes  under 
any  circumstances,  an  ILM  policy  will  prohibit  its  transfer  to  devices  that 
cannot  provide  this  level  of  service. 

Yet  another  advantage  of  migrating  data  to  a  policy-defined  set  of  stor¬ 
age  hardware  is  increased  optimization  of  the  overall  storage  system. 
Because  IT  can  establish  policies  that  make  sure  lower  value  data  does 
not  take  up  expensive  space  on  high-performance  devices,  it  receives 
the  double  benefit  that  comes  with  optimizing  disk  usage  in  favor  of 
data  value.  IT  can  make  sure  high-performance  storage  space  is  avail¬ 
able  for  data  that  deserves  it,  while  deferring  investments  in  additional 
high-performance  storage  because  it  is  more  efficiently  allocating  the 
assets  currently  in  operation. 

Also  inherent  within  ILM  is  the  ability  to  track  data  throughout  its  life 
cycle,  and  to  make  an  audit  trail  available  to  whomever  might  need  it. 
Today,  the  “whomever”  might  be  a  corporate  officer,  a  stockholder  or, 
with  increasing  frequency, a  federal  or  industry  regulatory  body  that  has 
established  formal  rules  regarding  data  retention  and  access. 

Significantly,  managing  the  data  life  cycle  begins  the  moment  the  data 
takes  residence  on  a  system,  and  lasts  until  such  point  as  the  data  is  per¬ 
manently  retired.  In  every  sense,  ILM  requires  ongoing  supervision  of 
data  and  of  the  storage  assets  that  protect  it.  In  many  cases,  this  is  more 
than  just  a  good  idea,  it  is  the  law. 

Fundamental  concepts 

When  it  comes  to  managing  data,  every  company  has  its  own  set  of 
rules  that  gets  translated  into  formal  IT  policy.  Whatever  those  rules  are, 
underlying  them  must  be  these  basic  assumptions: 

Assumption  1:  In  an  IT  environment  with  limited  resources,  each 
piece  of  data  must  be  given  every  bit  of  protection  it  deserves . . .  but  not 
one  iota  more.  If  information  is  a  company’s  most  important  asset,  it 
must  be  given  all  the  protection  it  needs.  But  unless  a  site  has  unlimited 
time,  storage  assets  and  personnel,  resources  allocated  to  one  set  of 
data  —  disk  space,  tape  media,  operators’  time  and  so  forth  —  can  be 
re-allocated  only  to  other  data  if  managers  are  willing  to  accept  the 
effect  this  will  have  on  protecting  the  first  dataset. 

In  IT  departments  where  budgets  are  limited  but  demands  are  not, 
managers  know  maintenance  windows  do  not  get  larger  just  because 
more  data  needs  backing  up.  If  no  more  hours  can  be  added  to  the  day 
and  no  more  assets  can  be  provided  to  make  the  work  more  efficient,  and 

See  Tools,  page  S20 


Six  steps  to 
managing 
information’s 
life  cycle 

1  Identify  all  regulatory 
and  corporate  policy 
issues  that  affect  the 
information  life  cycle  of 
each  dataset. 

2  Understand  the  value 
of  data  at  each  stage  of 
its  life  cycle,  including 
the  key  issues  of  how  long 
the  data  remains  active  and 
how  business  processes  use 
the  data. 

3  Identify  critical  busi¬ 
ness*  functions,  and 
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r  r:  '  ?  Iron  I-S  e:  s  The  serial  backplane  is  an  increasingly  hostile 
environment.  In  assessing  the  right  device  for  your  multigigabit  backplane  designs,  a  clean 
eye  diagram  is  a  crucial  measurement.  But  relying  on  this  alone  could  result  in  critical  consequences  -  Bit  Errors 
and  ultimately  systems  failure  can  result  if  your  solution  does  not  deliver  the  right  features. 


For  complete  storage  solutions 
visit  www.pmc-sierra.com/storage 
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PMC-Sierra...  A  clean  eye  diagram  and  more. 

Do  your  backplane  devices  deliver  these  critical  features? 

1.  Guaranteed  Receiver  Jitter  Performance  to  achieve  Bit  Error 
Rates  better  than  1015 

2.  Cross-talk  immunity  from  connector  and  via  discontinuities 

3.  Electro  Static  Discharge  (HBM  and  CDM)  tolerance 
without  compromising  signal  integrity 

4.  Power  supply  noise  immunity 

5.  Latch-up  protection  for  hot  swap 

6.  Low  Latency  and  fast  lock  times 


Retransmitted  3G  Serial 
Backplane  After  Retimer 


SERDES 

Octal  PHY®  1G  -  8-Channel  1.0-1.25  Gbits/s 

QuadPHY®  1G  -  4-Channel  1.0-1.25  Gbits/s 

QuadPHY®  11™  -  4-Channel  2.125  to  3.125  Gbit/s 

QuadPHY®  FC  -  4  Channel  1.0625  8c  2.125  Gbit/s  Fibre  Channel 

QuadPHY®  10GX  - 10  GE  and  10  Gigabit  Fibre  Channel 

QuadPHY®  1GR  -  4-Channel  1.0625  to  1.25  Gbit/s  Transceiver 

HEXPHY 1GR  -  6-Channel  1.0625  to  1.25  Gbit/s  Transceiver 
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continued  from  page  S18 

if  all  available  assets  are  already  in  use,  then  protection 
given  to  one  dataset  most  likely  must  be  withdrawn  from 
another.  As  a  result,  IT  managers  must  balance  their 
resources  and  make  tough  decisions  about  which  of  mul¬ 
tiple  jobs  should  take  precedence. 

Assumption  2:  All  information  is  not  of  equal  value  to 
an  organization.  All  information  is  not  created  equally, 
and  under  conditions  of  limited  resources,  it  follows  that 
data  of  different  values  cannot  be  afforded  the  same 
level  of  corporate  resources  for  maintenance  and  pro¬ 
tection.  At  its  simplest,  this  means  the  data  for  the  depart¬ 
mental  football  pool  is  less  deserving  of  corporate 
resources  to  protect  it  than  are  the  files  containing  the 
accounts  receivable.  At  a  more  complex  level,  this  might 
mean  examining  the  value  of  data  at  a  more  detailed 
level.  Such  a  situation  might  incorporate  the  assump¬ 
tions  that  most  e-mail  is  valuable,  but  that  the  CEO’s  e- 
mail  is  the  most  valuable.  It  would  be  assigned  the  high¬ 
est  value  and  be  protected  accordingly. 

Assumption  3:  The  value  of  information  to  an  organi¬ 
zation  changes  over  time.  For  several  reasons,  data  might 
shift  in  value.  Understanding  this  change,  and  adapting 
the  IT  support  structure  to  accommodate  it,  lies  at  the 
heart  of  ILM. 

High-value  data  is  entitled  to  one  set  of  services,  lower- 
value  data  to  another. With  ILM,data  migrates  from  one  set 
of  assets  to  another  when  warranted  by  a  change  in  its 
value. Value  changes  occur  for  three  main  reasons: 

•  Predictable  (cyclical)  depreciation.  Because  of  the 
way  certain  applications  are  used,  the  data  associated 
with  them  depreciates  at  what  are  essentially  predictable 
rates.  The  value  of  data  associated  with  an  accounts- 
payable  program  is  time-driven.  For  example,  it  will 
change  in  value  in  direct  relation  to  the  way  bills  are  paid. 
Data  about  bills  to  be  paid  in  March  will  have  lesser  value 
in  April,  but  will  still  be  valuable  as  reference  data  for 
many  business  processes.  Months  later,  the  same  dataset 
can  be  demoted  to  less-costly  storage  as  the  likelihood  of 
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Data  or  information? 

Some  companies  use  the  terms  “information 
life  cycle”  and  “data  life  cycle”  interchange¬ 
ably,  but  the  difference  between  “data”  and 
“information”’  is  distinct. 

Data  consists  of  collections  of  facts  that  are 
not  interpreted  and  —  because  of  that  —  with¬ 
out  meaning.  Only  when  data  is  interpreted 
does  it  take  on  significance  and  become  infor¬ 
mation.  For  example,  the  number  "4”  is  data, 
whereas  “$4”  is  information. 

Additionally,  a  single  dataset  can  provide 
many  types  of  information,  the  value  of  which 
might  far  outstrip  the  assumed  value  of  the 
data.  Such  is  the  case  when  a  user  is  allowed 
to  cross-tab  a  database,  or  when  multiple 
users  can  access  a  data  file  and  get  different 
kinds  of  value  from  it.  In  the  latter  instance, 
one  group  might  access  a  CAD  drawing  for 
design  purposes  while  another  uses  it  to  pro¬ 
duce  a  materials  bill. 

We  use  the  term  information  life-cycle  man¬ 
agement  because  it  takes  into  account  the 
higher  order  of  value  that  information  offers. 

-  Mike  Karp 


Tools  for  managing  the  information  life  cycle 


Companu 

ApplQ 

ApplQ  Solution  Suite 

Monitoring,  managing,  analysis,  system 
configuration  tools. 

Computer  Associates 

BrightStor  Process  Automation  Manager 

Media  life-cycle  management. 

FalconStor  Software 

IPStor;VTL  Appliance 

Virtualization  software;  virtual  tape  library 
appliance. 

Hewlett-Packard 

. . . . .  . . . . —  1  1 "  1 — - 1 

HP  Openview  Storage  Area  Manager 
Suite.  Multiple  hardware  offerings 

Data  management,  data  retention  management, 
reference  information  management. 

OuterBay  Technologies 

RenewData 

Application  Resource  Monitor,  LiveAnchive 

Monitors,  manages  data  growth. 

ActiveComply,  Active  Vault 

Develops  policies  for  data  retention;  optimized 
data  repository. 

StorageTek 

Multiple  hardware  offerings/services 

Online,  inline,  nearline  and  offline  storage  hardware. 

Sun 

SOURCE:  ENTERPRISE  MANAGEMENT  A< 

Multiple  hardware  offerings/services 

Available  from  Sun  and  its  extensive  network  of 
technology  partners. 

the  data  being  referenced  decreases  further. 

•  Application  event  triggers.  Certain  applications  lend 
themselves  to  less  predictability  than  do  others  during 
some  phases  of  their  life  cycles.  Medical  records,  for 
example,  get  a  high  degree  of  use  (and  consequently  have 
high  value)  during  patient  visits,  but  might  lie  dormant  for 
years  between  visits  and  in  most  cases  are  of  little  refer¬ 
ence  value  after  a  patient’s  death.  Because  of  recent  regu¬ 
latory  requirements  that  cause  medical  records  to  be  kept 
for  30  years,  however,  their  value  continues  (although  at  a 
much  lower  level)  well  into  the  future. 

•  Regulatory  compliance  issues. Within  the  last  few 
years,  U.S.  regulatory  agencies  have  imposed  formal 
requirements  on  IT  regarding  data  retention  and  accessi¬ 
bility  The  two  best-known  among  these  are  the  Sarbanes- 
Oxley  Act  of  2002,  which  requires  financial  records  be 
maintained  and  kept  accessible  for  at  least  seven  years, 
and  The  Health  Insurance  Portability  and  Accountability 
Act,  which  mandates  that  patient  health  records  be  kept 
private  and  secure  for  six  years.  As  a  result  of  such  regu¬ 
latory  requirements, some  kinds  of  data  might  continue 
to  maintain  a  definable  value  for  many  years  after  it  has 
stopped  being  used. 

Improving  business  continuity  with  ILM 

Because  ILM  seeks  to  manage  data  through  the  most 
efficient  use  of  storage  resources,  it  typically  contains  poli¬ 
cies  that  address  the  issues  of  data  protection, replication, 
archiving  and  deletion,  as  well  as  media  management. 
Depending  on  local  policies,  a  company  might  move 
around  data  with  surprising  frequency  Fortunately,  all  this 
need  not  complicate  business  continuity  plans. 

Implicit  in  managing  all  this  data  movement  is  the  abil¬ 
ity  of  the  management  software  to  track  each  step  of  the 
data’s  migration.  Now  the  same  capability  that  provides 
regulatory  agencies  with  auditing  data  can,  when  inte¬ 
grated  with  corporate  disaster-recovery  programs, provide 
the  pathway  to  the  most  valid  set  of  the  most  valuable 
data.  And  of  course,  because  the  ILM  policies  have  allo¬ 
cated  the  most  valuable  data  to  the  most  robust  storage 
hardware  and  services,  the  likelihood  of  vital  data  being 
preserved  locally  and  remotely  can  be  greatly  increased. 

Hardware  and  management  software  play  vital  roles 
when  it  comes  to  efficient  I1JV1.  Fortunately,  corporations 
are  learning  to  treat  data  availability,  performance,  recov¬ 
ery  objectives  and  retention  policies  differently  based  on 
data’s  business  value  at  a  given  time.  Vendors  too  have 
been  paying  attention.  IT  managers  looking  to  implement 
ILM  will  find  helpful  products  from  a  range  of  storage  soft¬ 


ware  and  hardware  vendors, as  well  as  traditional  systems 
management  providers. 

Additionally  two  relatively  recent  categories  of  storage 
hardware  offer  great  value  potential  when  it  comes  to 
ILM.  Along  with  the  traditional  offerings  of  tape,  optical 
storage  and  high-performance  disk,  managers  should 
consider  serial-attached  ATA  (SATA)  disks  and  virtual 
tape  as  candidates  for  their  site’s  hardware  mix. 

SATA  takes  the  same  inexpensive  parallel  disk  technol¬ 
ogy  used  in  desktop  computers  (commonly  known  as 
Integrated  Drive  Electronics  [IDE]  or  enhanced  IDE) 
and  gives  it  a  serial  interface.  Some  vendors  have  seen 
this  as  an  opportunity  to  provide  relatively  inexpensive 
storage  systems  for  use  with  data  that  is  not  business-crit¬ 
ical.  It  is  now  available  in  both  Just  a  Bunch  Of  Disks 
(JBOD)  and  RAID  configurations,  and  in  some  cases  has 
a  much  higher  level  of  reliability  than  does  the  IDE  tech¬ 
nology  we  have  all  used  for  the  last  decade. 

A  virtual  tape  library  (VTL)  operates  like  a  standard 
tape  library,  but  is  disk-based.  Because  VTLs  use  disks, 
they  remove  the  opportunity  for  both  robotic  failure  and 
media  error.  Also,  because  disk  I/O  in  most  cases  is  much 
faster  than  tape  I/O, VTLs  offer  faster  backup  and  restore 
speeds,  which  can  be  a  big  help  to  managers  who  must 
cope  with  shrinking  maintenance  windows  and  have  a 
need  for  rapid  restores. VTLs, some  of  which  are  available 
as  appliances,  are  offered  by  a  range  of  storage  vendors 
including  FalconStor  and  StorageTek.  VTLs  are  likely  to 
be  particularly  well-suited  to  distributed  companies  and 
remote  locations  where  IT  skills  are  at  a  minimum. 

Which  data  deserves  your  team’s  best  efforts 
and  your  highest  levels  of  service?  At  what  point  does 
that  dataset  change  in  value,  and  become  less  (or 
more)  deserving  of  your  business-con¬ 
tinuity  efforts?  Understanding  the 
value  of  your  data  through  each  '  u  s  '  o  A 

stage  of  its  life  cycle  will  go  a 
long  way  toward  more  intelli¬ 
gent  assignment  of  the  soft¬ 
ware,  hardware  and  services 
that  you  need  to  ensure  conti¬ 
nuity  of  crucial  business 
processes. 


Karp  is  a  senior  analyst  with 
Enterprise  Management  Associ¬ 
ates,  into  the  marketplace.  He 
can  be  reached  at  mkarp@ 
ernausa.com. 


More  online! 

Read  more  from  Mike  Karp  in 
or  free,  twice  weekly  “Storage 
in  the  Enterprise"  newsletter. 
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"he  success  stories  of  2004  will  be  written  at  LANs: 
Orchestrating  Your  Network  Assets,  the  new  Network 
World  Technology  Tour  event  for  November.  And  you 
need  to  be  there  to  gather  the  facts,  find  the  answers,  and 
explore  the  options  ahead  to  achieve  a  new  year  of  success. 
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Whale  s  SSL  VPN  is  the  most  cost  effective  way  to  keep  business  running  when  your  physical  location 
becomes  inaccessible.  Whales  e-Gap  appliance  is  non-intrusive  to  your  infrastructure  and  can  be 
centrally  administered.  This  robust  enterprise-class  solution  provides  "anywhere  access"  for  users 
working  from  home,  borrowed  computers,  Internet  kiosks  or  wireless  devices. 
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NetworkWorld 


Update 

■  AN  INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


IP  Centrex  reduces  telephony  costs 


HOW  IT  WORKS 


IP  Centrex 

With  a  hosted  IP  telephony  service,  voice  is  transmitted 
in  packets  across  a  broadband  network. 
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O  Service  provider  manages  and 
maintains  the  IP  Centrex  network, 
which  customers  access  through 
an  IP  connection. 

O  Using  a  PC  or  IP  phone,  user  sets 
up  and  conducts  IP  call. 

©  Users  can  add  new  services  from 
the  carrier  through  a  Web-based 
interface. 


Customer 

gateway 

IP  end¬ 
points 


■  BY  TOM  TAVARES 

Some  companies  that  want  to  imple¬ 
ment  IP  telephony  lack  the  staff  required 
to  manage  complex  networks  or  can’t 
afford  to  invest  in  an  IP  PBX.  IP  Centrex 
could  be  just  the  remedy,  as  the  hosted 
service  lets  enterprise  users  save  on  oper¬ 
ational  and  capital  expenditures, and  reap 
the  benefits  of  next-generation  voice-over- 
IP  services. 

With  IP  Centrex,  the  carrier  handles  call 
control, service  logic  and  all  responsibility 
for  network  equipment,  customer  provi¬ 
sioning,  operations,  administration  and 
maintenance. 

Abundance  of  features 

Subscribers  to  IP  Centrex  have  access 
to  more  than  300  features,  such  as  click- 
to-dial,  add  and  transfer,  find  me/follow 
me,  instant  messaging  and  IP  conferenc¬ 
ing.  In  addition,  customers  gain  tradi¬ 
tional  voice  applications  such  as  call 
blocking,  forwarding,  hold,  transfer,  call 
waiting,  voice  mail,  caller  ID,  distinctive 
ringing,  message  waiting,  three-way  con¬ 
ferencing,  and  restrictions  such  as  900- 
blocking. 

IP  Centrex  encompasses  a  number  of  IP 
telephony  services  that  offer  voice  to 
companies  that  transmit  calls  as  packets 
across  a  broadband  access  network.  A  sin¬ 
gle  broadband  access  network  is  used  to 
carry  the  packetized  voice  streams  for 
multiple  calls.  When  calls  are  not  active, 
more  bandwidth  can  be  allocated  to  high¬ 
speed  data  sessions  such  as  Internet 
access  over  the  same  broadband  connec¬ 
tion.  This  represents  a  significant  cost  sav¬ 
ings  for  large  companies  whose  IP  band¬ 
width  can  become  scarce. 


Carriers  can  implement  IP  Centrex  via  a 
Class  5  switch  or  softswitch-based  archi¬ 
tecture.  They  can  roll  out  new  services 
using  existing  Class  5  switches  by  adding 
network  gateways.The  Class  5  approach  is 
actually  an  IP-enabled  hybrid  called 
Centrex  IP 

In  the  second  scenario,  the  Class  5 


switch  is  replaced  with  a  softswitch.  The 
Softswitch  architecture  uses  an  applica¬ 
tion  server  instead  of  a  network  gateway 
Here  are  the  components  that  link  cus¬ 
tomer  networks  to  a  service  provider: 

•  Centrex  network  gateway:  Used  only  in 
a  Class  5-based  architecture,  this  access 
element  acts  as  a  bridge  between  the  cir¬ 


cuit-switched  and  packet-based  distribu¬ 
tion  network,  and  appears  as  a  gateway  It 
lets  packet-based  phone  subscribers  ac¬ 
cess  existing  traditional  Centrex  features 
on  the  Class  5  switch  and  provides  IP 
Centrex  features  to  enterprise-class  sub¬ 
scribers  terminated  on  IP  endpoints.  The 
user  interface  is  Web-based  and  provides 
an  intuitive  method  to  customize  service 
offerings. 

•  Centrex  application  server:  In  a 
softswitch  architecture,  the  Centrex  fea¬ 
tures  reside  on  an  application  server  that 
interfaces  or  integrates  with  a  softswitch 
for  call  control  via  Session  Initiation 
Protocol  or  H.323,  and  gateways  that 
interface  to  the  public  switched  tele¬ 
phone  network. 

•  Customer  gateway:  Common  to  both 
architectures,  the  IP  Centrex  interface  sup¬ 
ports  various  endpoints  such  as  analog  IP 
and  traditional  desktop  phones  if  the  user 
is  not  equipped  with  an  IP  endpoint. 

IP  Centrex  comes  together 

With  these  elements  in  place,  IP  Centrex 
delivers  telephony  services  over  any 
means  of  transport,  including  hybrid  fiber 
coaxial,  fiber  or  DSL.  It  provides  a  level  of 
network  efficiency  that  increases  mobility 
and  accessibility,  and  lets  carriers  bundle 
voice,  video  and  data  packages  with  an 
easy  migration  to  enhanced  services. 

Tavares  is  senior  product  manager  for 
Excel  Switching.  He  can  be  reached  at 
ttavares@xl.  com. 

■  For  more  on  hosted  telephony,  turn 
to  page  74  for  a  story  about  IP 
Centrex  deployment. 

\ _ y 


Dr.  Internet  By  Steve  Blass 

When  multiple  connection  streams  occur 
simultaneously  in  the  protocol  stack  (for  exam¬ 
ple,  Telnet,  FTP  session  and  e-mail),  all  the  data 
comes  in  on  the  same  wire  of  the  network  inter¬ 
face  card,  so  the  divergence  of  individual  datas- 
treams  happens  between  the  physical  layer  and 
the  application  layer  using  ports  or  service 
access  points,  depending  on  which  protocol  stack 
you're  running.  Where  do  the  individual  data- 
streams  diverge,  and  why? 


Datastreams  are  split  early  and  often  to  acceler¬ 
ate  processing  on  the  way  up  the  network  stack  to 
the  application.  Data  link  frames  coming  into  the 
machine  are  separated  by  type  to  determine  which 
protocol  software  module  should  process  the 
frame.  IP  frames  go  to  the  IP  stack.  The  IP  stack 
separates  datastreams  based  on  the  protocol  type 
field  in  the  IP  datagram  header.  UDP  processing 
software  places  datagrams  in  queues  based  on 
source  and  destination  ports.  TCP  also  distinguish¬ 


es  source  and  destination  address  to  provide  con¬ 
nection-oriented  session  services  for  applications. 
On  the  way  back  to  the  network  wire,  each  layer  in 
the  stack  that  needs  to  will  add  a  header  used  at 
the  other  end  to  make  layer-specific  decisions 
about  which  application  process  gets  the  data. 

Blass  is  a  network  architect  at  Change@Worh  in 
Houston.  He  can  be  reached  at  dr  inter  net® 
changeatwork.  com. 
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Euphoric  about  Euphoria 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


"It's  the  year  2399.  The  galaxy  is  domin¬ 
ated  by  the  evil  forces  of  the  C  empire. 
Piogrammers’ minds  are  being  enslaved  to 
the  C  language.  Your  objective  as  comman¬ 
der  of  the  Euphoria  is  to  rid  the  galaxy  of  the 
50  C  ships  and  spread  euphoria  throughout 
the  galaxy.  Forty  of  these  evil  ships  are  regu¬ 
lar  C  ships,  9  are  the  more  powerful  ANSI  C 
ships,  and  a  single  ship,  lurking  somewhere 
in  the  galaxy,  is  the  extremely  powerful  and 
terrifying  C++.” 

—  Introduction  to  the  game  “Language 
War”  written  in  the  language  Euphoria 
showing  the  adherents’  fervor. 

As  you  might  have  noticed,  here  in 
Gearhead  we  have  a  slight  obsession 
with  computer  languages  because  your 
language  choices  for  IT  projects  will 
have  a  huge  effect  on  systems  architec¬ 
ture,  functionality,  maintainability  and 
your  sanity.  Moreover,  one  language 
won’t  fit  all  your  needs.  Sometimes  you 
need  a  language  for  big  systems  stuff, 


other  times  you’ll  need  one  for  ad  hoc 
systems  admin  stuff,  and  they  likely  will 
be  quite  different  beasts. 

Over  the  past  few  years  we’ve  covered 
many  large-scale  and  well-known  lan¬ 
guages,  including  FVsrl,  Python  and  PHP 
We’ve  delved  into  exotica  such  as  Rebol 
and  Jython.This  week,  we  look  at  yet  anoth¬ 
er  exotic  programming  tongue  that,  while  it 
is  not  well  known,  actually  is  supported  by 
an  active  and  vociferous  community  The 
language  in  question  is  Euphoria. 

Euphoria,  the  creation  of  Robert  Craig  of 
Rapid  Deployment  Software  in  1993,  can 
be  found  at  www.rapideuphoria.com.Why 
is  it  called  Euphoria?  Because  the  name  is 
an  anagram  for  End  User  Programming 
with  Hierarchical  Objects  for  Robust 
Interpreted  Applications.  A  somewhat 
labored  joke  to  be  sure,  but  now  you  know. 

Euphoria  is,  however,  profound  and  very 
interesting.  Supported  on  Windows,  DOS, 
Linux  and  FreeBSD,  it  is  an  interpreted  lan¬ 
guage  with  some  impressive  features.  For  a 
start,  Euphoria  is  amazingly  fast  consider¬ 
ing  that  it  is  interpreted. The  Euphoria  Web 
site  says  that  it  is  30  times  faster  than  Perl  or 
Python.  And  there’s  also  a  Euphoria-to-C 
translator  that  can  boost  execution  speed 
even  further. 

Under  the  hood,  Euphoria  is  a  block- 


structured  language  with  a  line-based  syn¬ 
tax  and  a  simple  data  model  that  makes  it 
suitable  for  general  application  develop¬ 
ment.  In  Euphoria,  all  data  elements  are 
either  atoms  or  sequences,  which  makes  it 
pretty  similar  to,  say  C  or  C++.  Atoms  are 
numeric  and  include  characters,  integers 
or  floating  point  values.  Sequences  can 
contain  atoms  and  other  sequences  and 
can  be  any  length. 

Indexing,  slicing  and  the  ability  to  distrib¬ 
ute  scalar  operations  over  sequence  mem¬ 
bers  (that  is,  if  you  multiply  a  sequence  by 
an  integer  every  member  of  the  sequence 
is  acted  upon  individually)  are  all  support¬ 
ed,  and  type  checking  is  built-in.  Euphoria 
enforces  sequence-index  bounds  and  func¬ 
tion-return  values  and  —  this  is  crucial  — 
there  are  no  pointers!  As  with  C#or  Python, 
the  lack  of  pointers  goes  a  long  way  to 
ensure  that  programming  mistakes  such  as 
writing  over  variables  and  memory  bounds 
are  avoided.  Euphoria  also  uses  automatic 
garbage  collection  so  programmers  don’t 
have  to  manage  memory  manipulation 
and  “memory  leakage”  (a  common  prob¬ 
lem  with  C  programs)  is  avoided. 

On  the  down  side,  Euphoria  doesn’t  sup¬ 
port  advanced  features  such  as  threads, 
exceptions  or  higher-order  functions,  but 
you  can  integrate  Euphoria  code  with 


other  languages,  call  external  system  APIs 
or  migrate  your  Euphoria  code  through 
translation  to  C. 

Euphoria  offers  extensive  run-time  error 
checking,  and  if  something  goes  wrong  in  a 
Euphoria  program  at  runtime  a  detailed 
error  message  is  produced  with  a  call 
traceback  and  a  listing  of  variable  values. 

It  also  includes  an  integrated  full-screen 
source-level  debugger  and  tracer,  and  an 
execution-count  profiler  and  a  time  profiler 
(for  DOS32)  are  available.  You  can  even 
save  programs  as  stand-alone  .exe  files! 

Third-party  support  is  active  with  lots  of 
programs  and  libraries  that  are  typically 
open  source.  And  the  publisher  offers  a 
database  system  for  Euphoria  that  runs  on 
all  supported  platforms. 

So  what  does  it  cost?  Nothing  for  the 
basic  version, but  for  $29  you  get  full  debug 
and  trace,  the  ability  to  package  programs 
in  .exe  form,  support  for  execution-count 
profiling  and  time  profiling  (for  DOS32). 
For  another  $29  you  can  get  the  Euphoria- 
to-C  translator  and  for  $49  more  the  source 
of  the  interpreter.  And  under  all  licenses, 
you  can  distribute  Euphoria  program  roy¬ 
alty-free. 

Take  a  look  at  Euphoria  and  tell  us  what 
you  think  at  gearhead@gibbs.com. 
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Quick  takes 
on  high-tech  toys 

By  Keith 
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Sprint  launches  Handspring  Treo  600 

After  months  of  anticipation,  the 
world  finally  gets  to  see  the  Handspring 
Treo  600  smartphone.  The  tiny  con¬ 
verged  device  —  combining  a  cell 
phone,  Palm  OS-based  PDA,  digital  cam¬ 
era,  integrated  keyboard  and  color 
screen  —  is  available  through  Sprint’s 
retail  and  business  channels,  the  com¬ 
pany  says.  It  is  priced  at  $600, and  Sprint 
is  offering  a  $100  or  $150  rebate  for  cus¬ 
tomers  who  get  a  one-  or  two-year  PCS 
voice  plan. 

The  Treo  600  sports  a  144-MHz  ARM  9 
processor,  runs  on  the  Palm  5.2. 1HS 
operating  system,  and  has  a  backlit 
qwerty  keyboard,  32M  bytes  of  memory 
(24M  bytes  available  for  users)  and  an 
integrated  Secure  Digital/MultiMedia 
Card  slot  for  expansion.  An  optional 
stereo  headset  adapter  will  let  users  lis¬ 
ten  to  MP3  files. 

The  device  also  includes  a  proxyless 
Blazer  Web  browser  to  view  HTML- 
based  Web  sites.  The  browser  supports 
JavaScript,  frames,  cascading  style 
sheets  and  several  image  formats.  For 


wireless  e-mail,  Sprint  includes  the  PCS  Business 
Connection  Enterprise  Edition  (network-based,  $10  per 
month)  or  the  PCS  Business  Connection  Personal 
Edition  (software-based,  $5  per  month).  Both  versions 
support  Microsoft  Exchange-  and  Lotus  Domino-based 
mail  servers. 

Sharp  releases  3-D  notebook 

Sharp  Systems  of  America  announced  last  week  a  note¬ 
book  that  can  display  3-D 
images  to  the  naked  eye. 

The  Sharp  Actius  RD3D, 
priced  at  about  $3,300,  uses 
technology  that  divides  light 
from  the  15-inch  LCD, 
and  different 
patterns 
reach  a  view¬ 
er’s  left  and 
right  eyes, 

Sharp  says.  When 
a  user  sits  in  front  of 
the  display, each  eye  will 
get  the  correct  visual  informa¬ 
tion  for  the  brain  to  process, 
making  it  seem  as  if  the  image 
is  3-D  without  having  to  wear 
those  red  and  blue  goggles. 

The  notebook  also  can 
switch  between  2-D  and  3-D 
images  at  the  touch  of  a  but¬ 
ton,  so  applications  that  don’t 
take  advantage  of  3-D  still  can 
be  run  on  the  notebook. 

The  Actius  RD3D  runs  on  an 
Intel  Pentium  4  2.8-GHz 
processor,  has  512M  bytes  of 
DDR  SDRAM  (upgradeable  to 


Sprint's  tiny  Handspring  smartphone  fea 
tures  a  PDA,  digital  camera  and  more. 


1G  byte), a  60G-byte  hard  drive, and  the  NVIDIA  GeForce 
4  440  Go  graphics  card  with  64M  bytes  of  graphics  mem¬ 
ory.  The  notebook  also  includes  a  DVD  combination 
drive  (DVD-R/-RW/RAM  and  CD-R/RW  capabilities),  four 
USB  2.0  ports,  integrated  10/100  Ethernet,  a  V.90  modem, 
an  IEEE  1934  port,  and  expansion  slots  that  support 
Memory  Stick,  Secure  Digital,  SmartMedia  and  Compact 
Flash  cards. 

D-Link  offers  802.1 1g  power  boosts 

I  Two  vendors  have*  offered  802.1  lg 
upgrades  that  bring  the  theoretical  data  rate 
of  the  technology  from  54M  bit/sec  up  to 
108M  bit/sec  (actual  data  rates  are 
lower  because  of  Internet 
"  traffic  overhead). 

D-Link  Systems  last 
week  released  a  free 
firmware  upgrade  for  all 
its  Xtreme  G  series  prod¬ 
ucts,  including  the  DI-624 
four-port  wireless  router 
for  $130).  In  perfor¬ 
mance  testing  that 
D-Link  conducted,  the 
company  says  it  achieved  about  60M  bit/sec  of  actual 
throughput  when  testing  in  static  mode  (the  108g  mode) 
and  about  36M  bit/sec  when  in  a  mixed-mode,  mixed- 
vendor  environment.  The  free  upgrade  is  available  at 
www.dlink.com. 

Netgear  also  recently  offered  a  wireless  power  boost 
through  its  new  WGT624  wireless  firewall  router  ($150) 
and  WG51  IT  wireless  PC  Card  ($90). 

D-Link’s  firmware  upgrade  covers  all  its  existing  series  G 
products,  while  Netgear  is  offering  a  new  product  to 
reach  the  higher  speeds. 

Shaw  can  be  reached  at  kshaw@nww.com. 


In  D-Link's  performance  test 
the  DI-624  four-port  wireless 
router  rated  about  60M  bit/ 
sec  of  actual  throughput 


Shrinking  budgets.  More  applications.  Bigger  files. 

BellSouth®  Metro  Ethernet  Service.  The  solution  to 


deliver  cost-effective,  more  reliable  and  robust  transport  for  your 
growing  network.  You  won't  need  new  equipment  or  training  and 
it's  scalable.  Whether  it's  Ethernet  (10  Mbps),  Fast  Ethernet 
(100  Mbps)  or  Gigabit  Ethernet  (1,000  Mbps),  you  can  mix  speeds 
according  to  location  and  application  requirements.  You'll 
increase  your  bandwidth  at  a  lower  overall  cost.  For  a  customized 
solution  from  someone  with  four  million  miles  of  fiber  experience, 
visit  www.bellsouth.com/business/metroethernet 


The  rewards  of  visiting  our  Web  site. 


FREE  INSTALLATION* 

with  contracts  greater  than  24  months  for  Y 
new  BellSouth®  Metro  Ethernet  Service  customers.  Siitgh* 
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Listening.  Answering." 


'Waiver  of  all  tariffed  non-recurring  charges  excluding  jacks,  wiring  and/or  special  assembly  installation  charges  Offer  available  only  for  new  BellSouth  Wetno  Ethernet  (NMLI]  oust'. me'". 

Offer  expires  October  31, 2003.  ©2003  BellSouth  Corporation.  All  trademarks  contained  herein  ore  the  property  of  BellSouth  Intellectual  Property  Corporation 
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John  Dix 

Dressing  up 
COBOL  in 
modern  garb 


A  fair  criticism  of  the  trade  press  is  that  we  are  fascin¬ 
ated  with  new  technology  and  lose  sight  of  the  fact 
that  you  folks  are  mired  in  legacy  molasses. 

Take  COBOL.  While  headlines  today  focus  on  things  such 
as  Java  and  Microsoft’s  .Net,  according  to  statistics  gathered 
by  The  Senior  Staff,  a  San  Jose  databank  of  IT  professionals 
over  the  age  of  35: 

•  75%  of  business  data  is  processed  in  COBOL  (Source: 
Gartner). 

•  There  are  180  billion  to  200  billion  lines  of  COBOL  in 
use  worldwide  (Gartner). 

•  15%  of  new  applications  are  written  in  COBOL 
(Gartner). 

•  “Replacement  costs  for  COBOL  systems,  estimated  at 
$25  per  line,  are  in  the  hundreds  of  billions  of  dollars” 
(Tactical  Strategy  Group). 

Not  surprisingly  a  top  IT  concern  is  how  to  haul  this 
legacy  forward  into  modern  frameworks.  And  that  concern 
is  fired,  in  part,  because  the  universe  of  COBOL  program¬ 
mers  is  shrinking.  Gartner  estimates  that  there  were  90,000 
COBOL  programmers  in  North  America  in  2002  and  that 
number  will  decline  13%  by  2006,  which  will  translate  into 
higher  costs  to  maintain  legacy  COBOL  programs. 

Enter  companies  such  as  Micro  Focus,  a  software  firm 
that  delivers  products  designed  to  help  customers  migrate 
COBOL  assets  to  the  world  of  Windows,  .Net,  Java  and  Web 
services,  says  Chairman  and  CEO  Tony  Hill. 

Based  in  the  U.K.  but  with  40%  of  its  500  employees  in 
North  America,  Hill  says  the  customer  hook  is  cost  savings 
and  agility 

The  savings  can  be  huge.  As  we  have  adopted  packaged 
applications  from  SAP  and  others  and  migrated  those  func¬ 
tions  off  the  mainframe,  the  remaining  COBOL  programs 
have  had  to  shoulder  a  larger  percentage  of  the  host  costs. 

“Some  of  these  COBOL  apps  cost  $5  million  per  year  to 
run  on  a  mainframe,  where  it  might  only  cost  $1  million 
per  year  on  an  alternative  platform,”  Hill  says. “There  are 
costs  associated  with  migrating  but  the  ongoing  savings 
are  huge.” 

And  once  shifted  you  can  start  to  get  creative,  making 
data  from  COBOL  applications  available  to  PDAs,  cell 
phones,  public  PCs,etc.“ln  some  sense  we’re  a  tools  com¬ 
pany’ Hill  saysCWe  enable  customers  to  develop,  extend 
and  deploy  COBOL  assets.” 

Given  the  dreadful  state  of  some  legacy  COBOL  appli¬ 
cations,  which  have  been  customized  heavily  over 
time,  it  won’t  always  be  possible  to  drag  the  programs 
into  the  future.  But  given  the  sunken  investment  and 
cost  of  replacement,  it  has  to  be  one  of  the  options 
considered  first. 

John  Dix 
Editor  in  chief 
jdix@nww.com 
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Disposable  workers 


Cogent  counter-argument 


Regarding  your  Management  Strategies  story  “Min¬ 
ing  a  diamond  in  the  rough”  (www.nwfusion.com, 
DocFinder:  8125):  It  seems  that  many  companies 
have  been  hoisted  by  their  own  petard.  After  years  of 
discarding  employees  as  soon  as  their  skills  became 
last  year’s  fad,  they  now  find  that  nobody  will  put 
effort  into  acquiring  company-  or  industry-specific 
knowledge.This  has  led  to  workers  with  narrowly  de¬ 
fined  IT-intensive  skill  sets,  which  easily  can  be 
ported  to  a  new  employer. 

If  companies  truly  want  IT  specialists  to  acquire 
company-  or  industry-specific  knowledge,  they  must 
be  prepared  to  go  back  to  doing  what  they  did  years 
ago:  Provide  a  career  path  within  the  company  with 
an  ongoing  training  program  to  ensure  employees’ 
skills  continually  adjust  to  match  employer  needs. 

Celia  Redmore 
Webmaster 
Sysprog.net 
Atlanta 

Microsoft’s  ‘plan’ 

In  his  column  “Another  black  eye  for  Trustworthy 
Computing’”  (DocFinder:  8126),  Kevin  Tolly  wonders 
about  “Microsoft’s  plan.”The  plan  is  quite  simple:The 
company  intends  to  continue  accepting  boxcars  full 
of  cash  from  its  customers,  who  are  willing  to  enter 
into  a  contract  where  the  customer  assumes  all  the 
risks  for  renting  and  using  the  software  that  Micro¬ 
soft  produces.  Unless  Microsoft’s  customers  stop 
sending  it  huge  quantities  of  money  the  company 
has  no  incentive  to  change  how  it  operates. 

Edward  Scheboth 
Henderson,  Nev. 


E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Regarding  Mark  Gibbs'  Backspin  column  “Open 
season  on  open  source”  (DocFinder:  8127):  The 
SCO  Group’s  escalating  extortion  attempts  notwith¬ 
standing,  I  do  feel  we  open  source  advocates  are 
losing  one  battle  at  the  moment.  SCO  has  been 
defaming  open  source  as  a  place  where  stolen 
code  ends  up.  Why  do  I  never  see  the  counter-argu¬ 
ment  that  it  is  actually  less  likely  for  stolen  code  to 
be  in  open  source  because  everyone  can  see  the 
source? 

Stolen  code  is  more  likely  to  be  found  in  propriety 
software,  where  no  one  outside  the  inner  circle  is 
allowed  to  see  it. 

Steve  Sheftic 
Huber  Heights,  Ohio 

Late  to  the  ball 

In  bemoaning  Microsoft’s  software  quality  track 
record  (DocFinder:  8128), Thomas  Henderson  gives 
Microsoft  an  excuse  it  doesn’t  deserve:  “Windows 
was  designed  before  the  Internet.  Software  quality 
standards  were  different  then."  Sorry,  but  Windows 
1.0  was  produced  in  the  1980s,  and  the  Internet  was 
already  in  its  teen  years  by  then. 

Although  Microsoft  has  contributed  significantly 
to  the“populist  revolution,” it  was, relatively  speaking, 
a  latecomer  to  the  Internet  ball.  Furthermore,  the 
practices  of  buffer  bounds  checking,  input  data  ver¬ 
ification,  appropriate  process  privilege  and  the  use 
of  properly  secured  logons  were  no  different  back 
then  than  they  are  now.  While  object-oriented  pro¬ 
gramming  and  GUIs  might  have  complicated  the  de¬ 
velopment  process,  the  fundamentals  of  computer 
programming  and  system  management  have  not 
changed  that  much.  Microsoft  has  no  excuse  in 
that  regard. 

*  Bill  Houle 

San  Diego 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder  8124 
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THE  ARCHITECTURAL  VIEW 

Robin  Layland 


A  call  for  end-user  advocates 


A  constant  complaint  I  hear  is  how  few  end-user  advocates  there 
are  —  end  users  who  are  willing  to  speak  out  on  important  issues. 
Most  users  don’t  think  it’s  worth  it  or  think  they  will  only  get  in 
trouble  by  talking.They’re  wrong. 

One  of  the  best  ways  to  communicate  your  needs  to  vendors  is 
through  the  press  and  at  conferences.Vendors  listen  closely  to  end-user 
advocates, and  the  good  part  is  you  don’t  have  to  be  a  CIO  to  be  heard. 

Use  the  press  and  conferences  to  both  present  your  problem  and 
talk  about  what  type  of  solution  you  need.  In  effect, you  can  write  the 
requirement  document  for  the  product.  Maybe  other  users  share 
your  need  but  don’t  know  how  to  express  it,  or  maybe  you  are  early 
in  understanding  the  need.  Going  “public”  with  your  need  will  draw 
attention  to  it.  Vendors  then  will  ask  around,  and  if  your  need  is 
important,  it  will  go  to  the  top  of  the  list.  If  you  don’t  speak  out  on 
what  you  need,  maybe  no  one  else  will,  and  it  will  take  longer  to  get 
the  features  or  products  you  desire. 

If  you  don’t  know  the  solution  but  do  know  the  problem,  then  use  the 
press  to  get  the  word  out.  The  press  loves  to  bring  up  users’  problems 
and  then  ask  vendors  what  they  are  doing  about  them. 

If  you  take  up  the  call  to  start  influencing  vendors,  there’s  one  impor¬ 
tant  rule  you  should  follow:  Be  positive.Tell  people  what  you  would  like, 
not  what  you  dislike. While  you  might  want  to  strike  out  at  a  vendor  that 
has  made  you  unhappy,  doing  so  will  only  lead  to  problems  for  your 
business  and  your  relationship  down  the  road.  It  is  better  to  be  positive 
and  praise  a  vendor  for  doing  something  you  like.  They  and  the  other 


vendors  will  get  the  message. 

How  do  you  actually  become  a  user  advocate?  Do  one  or  all  of  the 
following: 

•Talk  with  the  press.They  are  not  your  enemy  trying  to  get  you  in  trou¬ 
ble  (just  make  sure  you  follow  the  “be  positive”  rule).  You  can  find  the 
editors  by  looking  in  the  masthead  at  the  front  of  most  publications. 

•  Take  the  time  to  speak  at  conferences.  Conference  chairmen  like 
nothing  better  than  hearing  from  “real”  users  instead  of  the  typical  ana¬ 
lysts  or  vendors.The  only  reason  there  are  so  few  users  on  panels  is  that 
it  is  almost  impossible  to  find  them.  Most  conferences  list  the  session 
leaders.  Contact  them;  most  will  take  users’  input. 

•  Write  about  what  you  need.  If  you  have  a  problem,  many  editors  will 
be  glad  to  entertain  a  short  piece  or  feature  about  it. 

I  know  you  might  be  afraid  to  talk,  fearing  what  management  will 
think.  Don’t  worry;  you’re  showing  management  that  you  want  to  use 
the  press  to  amplify  your  company’s  needs. When  I  was  a  network  archi¬ 
tect,  my  strategy  was  to  use  the  press  to  help  get  vendor  attention,  and 
it  worked.  Management  understood  what  I  was  doing  and  supported  it 
—  as  long  as  I  kept  things  positive. 

So  stop  complaining  that  no  one  listens  to  you.  Become  an  end-user 
advocate. 

Layland  is  president  of  Layland  Consulting ,  a  consulting  firm  specializ¬ 
ing  in  new  technology  and  its  impact  on  enterprise  networks  in  West 
Hartford ,  Conn.  He  can  be  reached  at  robin@layland.com. 


So  stop 
complaining 
that  no  one 
listens  to  you. 
Become  an 
end-user 
advocate. 


ON  SECURITY 

Winn  Schwartau 

In  my  last  column  (www.nwfusion.com, 
DocFinder:8130),I  challenged  readers  to 
figure  out  how  1  securely  communicated 
from  the  ether-sniffing  environs  of  DefCon, 
the  annual  hacker  convention  in  Las  Vegas. 
Hundreds  of  solutions  came  flying  my  way. 
Some  were  fairly  inane:  “Morse  code,”  said 
one  reader.  Others  were  highly  creative:  “You  took  a  signal  from  the 
infrared  port,  linked  it  to  your  Palm  and  used  a  line-of-sight  antenna.” 

I  did  not  set  out  to  defeat  DefCon;  my  intent  was  much  more  util¬ 
ity-oriented  than  security-oriented.  I  wanted  to  be  able  to  hit  the 
’Net  from  anywhere,  anytime,  for  free.  As  a  frequent  traveler,  it’s  a 
hassle  finding  access  to  e-mail.  At  airports,  Wi-Fi  kiosks  now  are 
appearing  at  a  daily  access  charge  of  $5  to  $10.  But  who  inten¬ 
tionally  sits  at  the  same  airport  for  24  hours?  Dial-up  from  a  phone 
with  a  laptop  is  certainly  a  reasonable  option,  except  it  is  slower 
than  we  all  are  used  to  nowadays,  and  depending  on  which  ser¬ 
vice  you  use,  it  can  be  expensive. 

In  any  event,  here’s  what  I  did. 

I  have  a  Sprint  PCS  cell  phone.  Sprint  offers  cellular  modems  for 
umpteen  dollars  and  however  much  they  charge  per  minute  for 
Internet  access.  However,  many  telephone  companies  offer  free  Web 
browsing,  messaging  and  similar  abbreviated  services.  I  can  check 
stocks,  news  and  sports  24/7  if  1  want  to,  and  it’s  all  free  —  my 
monthly  minutes  are  never  touched. 

It  was  preordained  that  some  enterprising  company  would  figure 
out  how  to  turn  a  cell  phone  into  a  wireless  modem  —  and  a  com¬ 
pany  called  FutureDial  (in  which  I  hold  no  financial  interest)  did. 
Using  FutureDial’s  SnapDialer  and  a  $30  USB  cable,  you  can  convert 
your  cell  phone  into  a  perfectly  good  cellular  modem  that  connects 
to  the  Internet  at  a  fixed  speed  of  230.4K  bit/sec.  For  free. 

The  first  time  I  used  this  simple  setup,  my  wife  was  driving  us  back 
home  from  dropping  off  our  freshman  daughter  at  college.  We  drove 
the  back  roads  of  Florida  for  hours  and  1  never  lost  a  connection.  My 
wife  listened  to  her  music  and  I  got  to  crank  out  another  article  and 
answer  overdue  e-mail. This  was  a  serious  rush! 


Achieving  secure  unwired  bliss 


Remember  the  first  time  you  got  your  802.1 1  gear  working?  Sitting 
by  the  pool  or  barbecue  pit,  and  you  were  free  from  those  awful 
Category  5  cables.This  was  better  than  that.This  was  the  panacea  we 
all  wanted:  free  Internet  from  anywhere,  anytime  —  without  wires! 

Now  it  was  time  to  get  serious,  though. What  were  the  security  impli¬ 
cations?  While  sniffing  and  snorting  802  and  LAN-based  Ethernet  and 
telco  lines  is  pretty  simple,  scooping  digital  phone  transmissions  is  a 
bit  more  of  a  task.  No,  it’s  not  encrypted,  but  so  what?  I  am  really  not 
worried  about  a  guy  trying  to  randomly  intercept  digital  communi¬ 
cations  at  Burger  King  while  I  answer  e-mail  and  munch,  but  I  am 
worried  about  who  runs  the  independent  and  definitely  insecure 
802.11  access  points  and  servers,  and  what  he  might  be  sniffing 
and  saving. 

What  sort  of  security  does  Sprint  offer?  I  went  to  Gibson  Research’s 
“test-my-security”  site  (www.grc.com),  and  they  scanned  1,056  of  my 
lower  ports.  Several  ports  were  wide  open  —  no  security  at  all.  Most 
of  the  ports,  though,  were  closed. This  means  that  if  someone  is  port¬ 
scanning  me,  they  will  see  my  computer  and  know  that  the  ports  are 
active.This  is  not  good  enough  for  paranoids  like  me.  Even  on  dial-up, 
the  IP  and  port  scanners  will  find  you  within  an  average  of  30  min¬ 
utes.  I  want  to  be  invisible. 

So  I  turned  on  my  Norton  firewall  and  reran  the  scan  at 
www.grc.com.  My  entire  computer  was  invisible  to  the  Internet,  as  it 
should  be.  The  super-critical  ports  such  as  137, 139  and  445  were  in 
full  stealth  mode.  It’s  like  having  an  invisible  house  on  a  nice  street  — 
the  thieves  don’t  even  know  you  exist. 

I  am  a  really  happy  camper.  1  submitted  this  article  to  Network  World 
from  a  high-speed  train  somewhere  in  the  nether-reaches  of  the 
Carolinas.l  had  uninterrupted  video  streaming  and  consistent  e-mail. 
The  truly  unwired  experience  is  really  that  cool.  Add  a  few  doses  of 
common-sense  security,  and  you’ll  have  the  closest  thing  to  bliss 
legally  allowed  when  you’re  on  the  road. 


The  truly  unwired 
experience  is 
really  that  cool. 


Schwartau  is  president  of  Interpact,  a  security  awareness  consulting 
firm,  and  author  of  several  books,  including  Pearl  Harbor  Dot  Com.  He 
can  be  reached  at  winn@thesecurityawarenesscompany.com. 


i  PRIMARY 


You’ve  dedicated  tremendous  time  and  resources  to  safeguarding  your  company’s  mission-critical 
systems.  But  if  it  isn’t  combined  with  a  robust,  redundant  infrastructure,  the  latest  technologies, 
professional  expertise,  and  proven  processes;  you  won’t  achieve  the  levels  of  availability  and  uptime 
today’s  marketplace  demands.  That’s  why  you  need  a  SunGard  Information  Availability  strategy. 
Working  with  SunGard,  we’ll  customize  a  total  solution  that  helps  ensure  your  employees  and 
customers  have  uninterrupted  access  to  the  critical  systems  and  data  that  run  your  business,  24/7. 
Make  sure  all  your  systems  are  “go”.  To  see  how  cost  effective  an  Information  Availability  strategy 
can  be,  see  our  white  paper  prepared  by  IDC  at:  www.availability.sungard.com 


MANAGED  SERVICES  •  PROFESSIONAL  SERVICES  •  BUSINESS  CONTINUITY 


/  You’ve  built  redundancy  into  your  systems, 
but  if  they  can’t  be  used  to  run  your  business 

they  might  as  well  be  here. 


Introducing  Information  Availability. 

•  *  v  ■  i  ?->v  •  'i 


SUNGARD 

Availability  Services 

Keeping  People  and 
Information  Connected 
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Inside  a 

security 

audit 


“Well  be  testing  for  1,211  differ¬ 
ent  types  of  vulnerabilities," 
says  Shawn  Bernard  of 
Networks  Unlimited. 


Security  audit 
continued  from  page  1 


Let  the  audit  begin 

Networks  Unlimited  operates  from  a  19th-century  hilltop  Victorian  man¬ 
sion  framed  by  giant  sycamore  trees.The  Hudson,  Mass., company  audits  a 
diverse  mix  of  businesses  —  banks,  retailers,  law  firms  and  government 
agencies  —  and  provides  security  solutions.  Business  is  booming. 

The  purpose  of  a  security  audit,  says  company  President  Harry  Segal,  is 
not  to  access  or  corrupt  sensitive  data.  Rather,  it  is  a  controlled  demonstra¬ 
tion  that  these  acts  could  be  carried  out.  Documenting  the  breaches  and 
identifying  files  at  risk  makes  you  a  security  auditor.  Access  those  files  and 
you’ve  crossed  the  line  into  hackerdom. 

In  what  was  once  the  dining  room,  under  an  ornate  gas-lit  chandelier, 
Segal  and  security  engineer  Shawn  Bernard  huddle  over  a  PC,  eager  to 
begin  a  complete  security  audit  of  28  servers,  hand-picked  from  hundreds 
by  the  hospital’s  IT  staff.Sitting  under  a  wall  adorned  with  security  and  ven¬ 
dor  certifications,  they’ll  pass  this  night  probing  the  network, searching  for 
weaknesses,  exposing  the  potential  for  digital  dastardliness.  Two  weeks 
later  they’ll  present  their  findings  —  and 
advice  —  to  managers  in  the  hospital’s 
technical  services  group. 

Bernard  is  gregarious,  quick  to  talk 
about  his  family  and  just  as  quick  to  note 
that  he  maintains  close  ties  to  the  hacker 
community  —  to  better  learn  about  their 
latest  exploits,  techniques  and  tools. 

Segal  spent  years  at  NEC  Information 
Systems  and  erstwhile  modem  maker 
Microcom. 

“We  will  always  find  issues  that  must 
be  addressed  quickl/ Segal  says.The  top 
reason  for  security  breakdowns,  he  says, 
is  almost  laughable:  company  policies 
that  limit  server  maintenance  to  just  a  few  weekend  hours.“If  you 
discover  a  security  breach  —  fix  it!  Now!”  he  says. “Wait  for  the 
weekend  maintenance  window,  and  by  Monday  there  might  be  no  busi¬ 
ness  to  come  back  to.” 

Bernard’s  PC  is  loaded  with  a  software  smorgasbord  any  hacker  would 
envy;  his  tool  of  choice  is  Internet  Scanner  from  Internet  Security 
Systems.  Internet  Scanner  provides  automated  network-vulnerability 
assessment  across  servers,  desktops  and  infra¬ 
structure  devices.  It  also  probes  network  ser¬ 
vices,  operating  systems,  routers,  switches, 
servers  and  firewalls. 

“We’ll  be  testing  for  1 ,2 1 1  different  types  of  vul¬ 
nerabilities,”  Bernard  says.  One  mouse  click,  and 
the  audit  is  underway 

Segal  adds  that  this  audit  is  testing  only  for  vul¬ 
nerabilities  from  the  outside  world.  A  complete 
audit  would  also  look  for  —  and  inevitably 
would  find  —  internal  vulnerabilities. 

This  audit  is  somewhat  different  than 
most  because  the  IT  staff  was  warned. 

Usually,  the  rank-and-file  IT  staff  receives 
no  advance  notice.  It’s  not  until  the  final 
report  is  presented  at  a  department 
meeting  that  the  secret  is  revealed.  “We 
don’t  want  people  running  around  in  a 
frenzy  plugging  holes,”  Segal  says.  “An 
audit  should  be  a  snapshot  of  business 
as  usual.” 

Easy  access  -  too  easy 

As  Segal  is  talking,  Bernard  suddenly  perks  up.  He’s  discovered  what 
seems, at  first,  merely  odd, then  surprising, then  unimaginable.“We’ve  found 
servers  running  Compaq’s  Insight  Web  management  software, ”he  says.“This 
is  not  a  good  thing.” 

By  using  one  server  as  a  proxy,  the  other  servers  let  Bernard  bypass  the 
perimeter  security  of  the  network  firewall.  In  just  moments,  he  gains  access 
to  a  BayStack  hub,  residing  between  two  Nokia  firewall  devices.The  hub’s 
factory  default  password  was  still  in  place,  easy  pickings  for  an  attackei 
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Reducing  the  risk 

o 

Networks  Unlimited 
President  Harry  Segal, 
recommends  these 
low-cost  steps  you  can 
take  to  make  your 
network  a  safer  place: 

Do 

•  Estimate  the  cost  of  a  break-in  to  guide  your 
security  decisions. 

•  Configure  firewalls  to  deny  all  traffic,  then 
open  needed  ports. 

•  Change  default  passwords  before  deploying 
software  or  hardware. 

•  Delete  unnecessary  user  accounts  (guests, 
anonymous). 

•  Establish  and  adhere  to  a  process  for  obtaining 
and  applying  patches. 

•  Use  only  VPNs  for  remote  access. 

•  Implement  intrusion  prevention  to  stop  attacks 
that  can  pass  unimpeded  through  the  firewalls. 

•  Beware  of  internal  attacks  that  might  be 
initiated  not  by  a  user,  but  by  the  user's 
machine. 

Don't 

•  Don’t  connect  unpatched  machines  directly 
to  the  Internet. 

•  Don’t  ignore  old  servers  whose  purpose  and 
ownership  are  uncertain. 

•  Don’t  assume  anti-virus  programs  protect 
against  all  malicious  activity:  Many  hacker 
tools  use  legitimate  software  not  detected  by 
anti-virus  programs. 

•  Don’t  trust  your  staff  —  or  yourself:  Have 
an  experienced  third-party  review  security 
regularly. 

•  Don’t  believe  that  firewalls  protect  all:  Many 
attacks  appear  as  legitimate  traffic. 

•  Don’t  ignore  the  security  threat  from  internally 
connected  laptops  orVPN-connected  remote 
systems. 

•  Don’t  let  external  PCs  connect  via  remote- 
control  software. 

•  Don’t  provide  unlimited  network  access  to 
business  partners. 


f  Ouch!  ^ 

W  In  the  first  six  months  of  ^ 
this  year,  the  CERT  Co-  ' 
ordination  Center  at  Carnegie 
Mellon  University  recorded  a 
whopping  76,404  security 
breaches,  nearly  outpacing 
L  the  82,094  security  A 
breaches  for  all  of 
^  2002. 


who  quickly  could  disable  the  device,  plunging  an  entire 
network  segment  into  digital  darkness. 

“This  is  pretty  serious,”  Bernard  says,  noting  that  it  might 
be  possible  to  reach  any  of  the  hospital’s  hundreds  of 
servers,  not  just  the  28  in  this  audit.  Bernard  takes  a  few 
notes  and  moves  on. 

Probing  further,  Bernard  stumbles  across  a  Compaq 
server  running  the  hospital’s  HP  Jetadmin  printer-manage¬ 
ment  software.  Why  this  application  or  the  Insight  Web 
management  software  would  be  Internet  facing,  that  is,  vis¬ 
ible  to  anyone  who  would  bother  to  look,  is  anyone’s  guess. 
Although  possibly  no  more  than  a  configuration  error,  it  is 
akin  to  a  flashing  neon  sign,  extending  an  engraved  invita¬ 
tion  to  the  malicious  mind  bent  on  amusement  or  criminal 
mischief.  Except  that  neither  Bernard  nor  an  attacker 
would  know  the  password. 

Not  a  problem.  He  visits  a  favorite  Web  site,  one  that,  for 
better  or  worse,  publishes  common  logon  ID  and  password 
combinations  for  thousands  of  products. 

It  takes  one  try  One  try!  We’re  in.  We  see  the  name,  model, 
network  address  and  physical  location  of  each  printer.  We 
can  check  toner  levels,  firmware  version  numbers,  page 
counts.  Could  we  actually  intercept  a  print  job?  Anything  is 
possible.  Not  easy,  but  possible. 

“I  can  go  in  and  change  the  control-panel  language  on 
hundreds  of  printers,”  Bernard  says.“l  can  swap  queues.  I 
can  send  print  jobs  to  every  printer  saying  ‘you’ve  been 
hacked.’ I  can  take  them  offline. I  am  in 
total  command.” 

But  wait,  there’s  more. 

•  Bernard  finds  a  server  running  an 
outdated  copy  of  Microsoft  Internet 
Information  Services  that’s  badly  in 
need  of  an  updated  security  patch. 

•  A  mail  server  is  running  the  Simple 
Mail  Transfer  Protocol  verify  com¬ 
mand,  which  an  attacker  could  use  to 
validate  the  existence  of  specific 
e-mail  accounts. 

•  A  proxy  service,  vulnerable  to  a 
denial-of-service  attack,  is  several 
patches  out  of  date. 

•  A  server  running  the  pcAnywhere  remote-access  pro¬ 
gram  is  discovered. 

•  A  server  is  running  Network  News  Transfer  Protocol,  a 
service  that  could  let  users  post  to  and  read  from  news- 
groups  without  authorization. 

•  Ports  galore  are  open,  for  no  apparent  reason. 

With  the  sun  rising,  Segal  and  Bernard  call  it  quits. 
Confident  that  the  breaches  they’ve  unearthed  is  enough 
to  mortify  IT  director,  they  save  their  mountains  of  data,  log 
off  and  head  home. 

Tomorrow,  the  pair  will  start  compiling  the  results  from 
thousands  of  port  scans,  vulnerability  checks  and  surveys 
of  software  versions,  resulting  in  a  report  nearly  an  inch 
thick.Then  it’s  off  to  the  client  with  the  bad  news. 

Don’t  shoot  the  messenger 

Two  weeks  later,  we  pile  into  Segal’s  minivan.  It’s  report- 
card  day  when  the  hospital’s  IT  staff  learns  if  its  network  is 
healthy  or  needs  immediate  surgery  As  we  enter  an  IT  con¬ 
ference  room,  the  technical  services  director  and  about  15 
staffers  shuffle  in, coffee  mugs  in  one  hand,  notepads  in  the 
other.  Expressions  range  from  “I  think  we’re  OK”  to  down¬ 
right  fear. 

Moving  quickly  to  defuse  a  potentially  adversarial  meet¬ 
ing, a  diplomatic  Segal  says, “We’re  here  to  help  you  do  your 
jobs  better  No  one  nods  to  agree. “Security  here  is  already 
very  good,  but  we’ve  found  a  few  things  you  can  improve,” 
he  says.  Later,  Segal  acknowledges  he  would  have  used 
harsher  language  if  the  presentation  had  been  a  one-on- 
one  with  the  technical  services  director.  On  this  day,  IT  has 
safety  in  numbers. 

Bernard  takes  over,  handing  out  his  inch-thick  report, 


explaining  it  page  by  page. 

All  28  audited  servers  are  listed,  led  by  the  most  vulnera¬ 
ble.  First  place  goes  to  the  server  running  the  Compaq  man¬ 
agement  software.lt  should  never  have  been  visible  outside 
the  firewall,  because  anything  it  talks  to,  a  hacker  can,  too. 

It’s  all  there:  IP  address,  domain  name,  operating  system 
and  version.  The  problem  with  Compaq  Web-based 
Management  Software  Version  4.7,  installed  on  Fbrt  2301  — 
the  default,  open  to  anyone  —  is  described  in  detail. 
Bernard  describes  how  a  hacker, sending  a  username  con¬ 
taining  exactly  460  bytes  could  cause  a  buffer  overflow, 
allowing  the  execution  of  arbitrary  code  with  administra¬ 
tor  privileges. 

Fixing  this  potentially  deadly  breach  is  easy:  download 
and  apply  the  appropriate  patch  as  listed  in  Compaq 
Security  Advisory  SSRT0705.Skip  it  and  risk  everything. 

And  on  it  goes.  Bernard  describes  each  vulnerability  in 
detail  and  suggests  a  remedy.  Sometimes  it’s  a  patch,  stop¬ 
ping  an  unneeded  process  or  closing  a  port  that’s  open. 

Tempers  never  flared.  The  discussion  was  surprisingly 
placid.“Yeah,we  already  knew  about  that  one  and  planned 
to  fix  it”  eventually  gave  way  to  relief  that  most  breaches 
were  someone  else’s  problem. 

“Some  things  we  don’t  control,”  one  staffer  said. 

“They  had  to  subvert  another  group  to  get  to  my  group,” 
another  said. 

“The  executives  here  are  focused  on  the  hospital’s  clini¬ 
cal  mission,” yet  another  said. 

Not  at  all  a  good  reaction,  accord¬ 
ing  to  Segal  and  Bernard. “If  this  was 
a  bank,”  heads  would  be  rolling. “This 
is  a  hospital.  Security  is  no  less  criti¬ 
cal.  It’s  everybody’s  problem,”  Segal 
says. 

As  for  the  technical  services  direc¬ 
tor,  the  IT  manager  who  agreed  to  the 
audit,  his  calm  reaction  to  the  litany 
of  potentially  catastrophic  security 
breaches  was  an  enigma  to  Segal. 

“1  was  pleased  to  see  that  the  major¬ 
ity  of  the  findings  were  relatively 
benign,”  he  said  in  a  follow-up  inter¬ 
view.  “We  had  fully  addressed  all  but  one  of  them  by  the 
next  da/ 

Not  nearly  good  enough,  Segal  says. “This  is  a  business 
that  should  be  extremely  security-conscious,"  he  says. “In 
certain  areas,  I  could  see  a  determined  effort  by  the  IT 
staff  to  have  strong  security,  but  they  failed  miserably  in 
others.” 

Harsh  words  from  a  man  who  just  played  the  diplo¬ 
mat.  Bernard  says:  “Their  senior  engineers  and  techni¬ 
cians  deserve  praise,  but  having ‘good  people’ is  not  the 
same  as  having  proper  security.  Good  people  make 
honest  mistakes.” 

Lessons  for  all 

The  Networks  Unlimited  audit  could  have  been  much 
worse.  This  audit  was  unusually  narrow  in  scope,  but  a 
more  sweeping  audit  undoubtedly  would  have  uncovered 
additional  failures. 

“This  was  a  limited  external  audit,”  Bernard  says.  “We 
didn’t  look  at  internal  security,  but  you  can  be  certain  they 
haven’t  implemented  adequate  internal  security  to  protect 
critical  data  and  operations  from  unauthorized  access." 

On  the  ride  home,  Segal  gets  philosophical. “Every  busi¬ 
ness  is  vulnerable,” he  says.“This  one  is  no  different.  Hire  an 
auditor  and  fix  the  problems  before  it’s  too  late." 

Was  it  too  late  for  our  patient,  the  regional  medical  cen¬ 
ter?  “Darn  lucky  he  says.“Darn  lucky 

Shore,  who  is  a  technology  journalist  in  Southborough, 
Mass.,  prouides  product-strategy  consultation  and  editori¬ 
al-development  services  to  technology  companies  at 
www.joelshore.  com. 


Ill  can  swap  queues. 

I  can  send  print  jobs  to 
every  printer  saying, 
‘You've  been  hacked.' 

I  can  take  them  offline. 

I  am  in  total  command.  9  9 

Shawn  Bernard 

Security  engineer,  Networks  Unlimited 
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Although  most  managers  think  technology  is  a  competitive  advan¬ 
tage  for  large  companies,  nowhere  is  it  more  important  than  for  the 
small  to  medium  business.  And  more  than  ever,  these  businesses 
depend  on  technology  to  power  their  economic  engine.  Leveraged 
wisely,  technology  can  help  companies  work  smarter  and  be  more 
productive,  driving  down  costs  at  the 
same  time.  Indeed,  technology  can 
assist  small  and  medium  businesses 
(SMBs)  by  providing  them  the  neces¬ 
sary  productivity  to  push  their 
businesses  beyond  their  limits. 

How  important  is  the  desktop  when 
conducting  day-to-day  business? 

Answer  —  very  important  as  a  sub¬ 
stantial  amount  of  business  data  can  now  be  found  on  the  desktop. 
Being  able  to  quickly  create  and  share  that  data  should  be  a  top  prior¬ 
ity  for  businesses  of  any  size.  And  a  key  success  factor  in  utilizing  and 
sharing  information  lies  in  a  business’s  decision  to  invest  in  new  desk¬ 
tops  that  leverage  innovative  technologies  for  efficient  and  enhanced 
processing  of  information  and  applications.  Although  SMBs  con¬ 
stantly  juggle  the  tradeoff  between  cutting-edge  technology  and 
budget  constraints,  the  investment  can  pay  off  in  terms  of  productiv¬ 
ity  gains. 

According  to  “The  Corporate  Refresh  Cycle  Grinds  into  Motion,”  a 
2003  report  from  IDC,  the  tough  economy  has  forced  some  companies 
to  cut  costs  by  delaying  desktop  and  notebook  upgrades.  The  result: 
lost  productivity.  “An  institution  can  stretch  the  replacement  cycle 
only  so  far  and  then  it  starts  to  cost  itself  money,  in  both  hard  dollars 
and  opportunity  costs,”  states  the  report.2  Not  only  that,  but  many 


small  to  midsize  businesses  struggle  with  IT  resources.  Many  cannot 
afford  a  large  full-time  IT  staff  and  depend  on  the  services  of  one  or 
two  IT  professionals  for  the  full  gamut  of  services.  As  a  result,  SMBs 
generally  cannot  afford  —  either  in  terms  of  budget  or  manpower  — 
to  implement  technologies  that  don’t  easily  work  within  the  frame¬ 
work  of  their  existing  infrastructure. 

All  this  is  playing  out  in  a  business  climate  characterized  by  even 

heavier  demands  on  desktop  perform¬ 
ance.  Users  are  increasingly  running 
multiple  applications  simultaneously, 
while  demanding  network  bandwidth 
for  shared  applications  and  rich-media 
content.  Based  on  recent  usage  trends, 
desktop  and  network  performance 
will  certainly  face  increasing 
demands.  According  to  the  IDC  report, 
“If  your  organization  hasn’t  upgraded  its  client  since  before  the 
Millennium,  now  is  the  time  to  get  started.  From  now  on,  older  clients 
will  create  more  and  more  of  a  drag  on  competitiveness  and  profits.”2 

Gigabit  Ethernet  in  Conjunction  with  Hyper-Threading 
Technology:  An  Answer  for  the  SMB  Market 

Dell  desktops  and  workstations  coupled  with  both  Intel®  PRO 
Gigabit  Ethernet3  and  Intel®  Pentium®  4  Processors  with  Hyper- 
Threading  Technology1  provide  a  solution  to  small  and  midsize 
businesses  looking  for  a  performance  boost.  By  combining  Intel  PRO 
Gigabit  Ethernet  and  Pentium  4  processors  with  Hyper-Threading 
Technology  —  which  now  come  standard  on  many  Dell™  OptiPlex™ 
business  desktops  and  Dell  Precision™  workstations  —  IT  managers 
at  businesses  may  be  able  to  realize  outstanding  performance 
improvements  at  minimal  investment. 


An  Intel ®  PRO  Gigabit  Ethernet  Network 
Connection  can  enhance  desktop  throughput , 
while  an  Intel®  Pentium ®  4  processor  with 
Hyper-Threading  Technology1  can  enhance 
a  desktop’s  ability  to  get  the  full  use  out  of 
a  Gigabit  link. 


“Dell  is  bringing  Gigabit  Ethernet  to  the  industry  main¬ 
stream  by  taking  a  relevant  technology,  providing  it  with  a 
stable  platform  and  offering  great  value  through  our  direct 
model.  That’s  important  to  our  customers  when  you  think 
about  how  networks  are  going  to  be  used  in  the  future.” 

Frank  Muehleman,  Senior  Vice  President  and  General  Manager,  Americas  Small 
and  Medium  Business  Division,  Dell  Inc. 

Indeed,  2003  is  turning  out  to  be  a  watershed  year  for  Gigabit 
Ethernet  desktop  connections.  Prices  on  the  technology  have 
declined,  and  the  technology  has  matured  as  companies  such  as  Dell 
have  incorporated  Intel’s  PRO  Gigabit  Ethernet  into  many  of  its  stan¬ 
dard  desktop  profiles.  Not  to  mention,  Dell  also  offers 
Gigabit-enabled  PowerConnect  switches  to  complete  the  connection 
from  the  desktop  to  the  server.  In  the  past  few  months,  Gigabit 
Ethernet  to  the  desktop  has  moved  beyond  specialized  and  high-tech 
companies  to  ordinary  businesses  and  applications  —  a  clear  sign 
that  the  market  is  maturing.  For  example,  as  of  2003  year-to-date 
(August  2003),  Dell  has  sold  over  40%  of  its  desktops  in  the  U.S.  with 
Intel  PRO  Gigabit  Network  Connections  to  small  and  medium-sized 
businesses. 

According  to  “Supercharging  the  Desktop,”  a  special  report  from 
Network  World,  the  Dell’Oro  Group  estimates  that  the  number  of 
Gigabit  Ethernet  network  connections  over  copper  ports  installed  on 
network  switches  will  have  jumped  from  2  million  last  year  to  5  mil¬ 
lion  this  year,  and  will  jump  again  to  about  20  million  in  2005.4  This  is 
a  significant  number  considering  desktop  connections  account  for 
the  majority  of  Gigabit  Ethernet  over  copper  ports. 

Most  often  what  justifies  the  upgrade  for  these  users  is  not  a  sin¬ 


gle  killer  application.  Rather,  it’s  the  promise  of  enhanced  system  per¬ 
formance  to  meet  users’  intense  multitasking  needs  as  applications 
become  more  bandwidth-intensive  and  users  more  sophisticated. 
“Desktop  applications  used  to  consist  of  some  e-mail,  Web  browsing, 
and  Microsoft™  or  Lotus™  applications;  however,  users  are  now  doing 
real-time  virus  scanning  while  real-time  network  applications  are 
being  pushed  to  the  desktop,”  notes  Indraj  Gill,  Director  of  Marketing, 
OptiPlex  Desktops,  Dell  Inc. 

Businesses  are  also  leveraging  the  network  to  perform  such 
bandwidth-intensive  tasks  as  application  and  operating  system 
upgrades,  as  well  as  hard-disk  backups.  Meanwhile,  applications 
and  files  are  getting  larger,  with  more  graphics  and  multimedia  con¬ 
tent.  “Put  all  that  together,  and  the  time  it  takes  to  get  from  the 
desktop  through  the  network  to  the  server  gets  longer,”  says  Gill. 
“So  Gigabit  Ethernet  to  the  desktop  in  conjunction  with  the  Intel® 
Pentium®  4  processor  with  Hyper-Threading  Technology1  can  enable 
users  to  increase  their  productivity  by  getting  data  faster  and  doing 
more  simultaneously.” 

The  Need  for  Speed 

How  much  faster?  With  Intel®  PRO  Gigabit  Ethernet  Network 
Connections,  Dell  desktops  and  workstations  can  receive  throughput 
between  500  and  800  megabits  per  second,  the  same  as  or  faster  than 
hard  disk  transfer  rates,  and  data  gets  to  end  users  5  to  8  times  faster 
than  with  traditional  Fast  Ethernet  (100  megabits  per  second)  con¬ 
nections.5  The  Intel  Pentium  4  processor  with  Hyper-Threading 
Technology  further  enhances  a  desktop’s  ability  to  get  the  full  use  out 
of  a  Gigabit  Ethernet  link.  What  is  Hyper-Threading  Technology? 
Hyper-Threading  Technology  is  an  enhancement  to  the  Intel 
NetBurst™  microarchitecture  that  allows  two  threads  or  instruction 
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FIGURE  1:  How  Hyper-Threading  Technology  and  Gigabit  Ethernet  Work 
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streams  to  run  independently  and  in  parallel  on  a  single  Intel® 
Pentium®  4  processor.  The  processor  allocates  its  execution 
resources  —  including  cache  memories,  execution  units  and  buses  — 
between  the  two  logical  processors  (See  Figure  1). 

“Intel*  PRO  Gigabit  Network  Connections  and  Intel ® 
Pentium*  U  Processors  with  Hyper-Threading  Technology1 
complement  one  another  to  maximize  desktop  network  appli¬ 
cation  performance.  ” 

John  Zanot,  Director  of  LAN  Access  Division  Marketing  at  Intel. 

Recent  benchmark  test  results  help  support  this  claim. 
VeriTest™,  an  independent  technology  testing  lab,  reported  testing 
results  from  the  combination  of  Gigabit  Ethernet  and  Hyper- 
Threading  technologies  in  April  2003  after  being  commissioned  to 
do  so  by  Intel.6  In  one  test,  VeritTest  tested  the  technologies  on  desk¬ 
tops  with  simultaneous  tasks  such  as  downloading  files  from  a 
network  shared  drive  while  converting  a  PowerPoint  presentation 
to  a  portable  document  format  (PDF). 

VeriTest  compared  a  desktop  with  the 
Intel®  PRO/1000  MT  Desktop  Adapter 
and  an  Intel®  2.8GHz  Pentium®  4  proces¬ 
sor  with  Hyper-Threading  Technology1 
with  a  similarly-equipped  desktop  with 
the  same  processor  (but  no  Hyper- 
Threading  capability)  and  Fast  Ethernet 
(100  Mbps).  The  results  of  this  test  sce¬ 
nario  showed  that  the  desktop  using 
both  Gigabit  Ethernet  and  Hyper- 
Threading  Technology  achieved  a 
performance  increase  versus  the  same 
desktop  equipped  with  Fast  Ethernet 
and  no  Hyper-Threading.  Even  more 
impressive,  the  desktop  equipped  with 
the  Pentium  4  2.8GHz  processor  and 
Hyper-Threading  Technology  and  a  Intel 
PRO/1000  MT  Desktop  Adapter  con¬ 
verted  the  PowerPoint  presentation  to 
an  Adobe  PDF  format  almost  4.90  times 
faster  than  a  Intel®  Pentium®  III  desktop 
with  Fast  Ethernet  and  no  Hyper-Threading,  which  is  a  typical  con¬ 
figuration  for  a  PC  purchased  several  years  ago.  However,  when 
today’s  desktop  with  Hyper-Threading  Technology  was  coupled  with 
a  Fast  Ethernet  connection  at  100  Mbps,  the  performance  improve¬ 
ment  was  only  2.99  times  faster  than  the  Pentium  III  desktop.6  The 
complete  results  of  VeriTest’s  networking  multi-tasking  testing  are 
reproduced  from  its  report  in  Figure  2. 7 

Gigabit  Ethernet  and  Hyper-Threading  Technologies  should  also 
boost  network  performance,  helping  to  enable  IT  managers  at  small 
to  midsize  businesses  to  maximize  their  resources.  As  more  and 
more  tasks  —  such  as  updating  software,  troubleshooting  hardware, 
and  performing  virus  scans — take  place  on  the  corporate  network, 


IT  managers  need  to  be  able  to  do  these  jobs  with  minimal  impact  to 
user  performance.  Desktops  with  an  Intel®  PRO  Gigabit  Ethernet 
Network  Connection  and  a  Pentium  4  processor  with  Hyper- 
Threading  Technology  can  also  help  boost  servers  to  top 
performance  across  the  network  by  minimizing  the  amount  of  pro¬ 
cessing  time  for  simultaneous  tasks.  Combine  these  servers  with 
affordable  Gigabit  network  switches  from  Dell,  and  you  can  help 
ensure  powerful  networking  speeds. 

Counting  the  Cost 

For  small  to  midsize  businesses,  price  is  always  a  determining 
factor  when  it  comes  to  technology  implementations.  With  Gigabit 
Ethernet’s  interoperability  with  existing  10/100  technology,  busi¬ 
nesses  can  implement  this  technology  at  minimal  investment  and  in 
a  staged  approach  over  time. 

With  the  Intel®  PRO  Gigabit  Network  Connection  now  available 
on  most  of  Dell’s  OptiPlex  business  desktops  and  Dell  Precision 
workstations,  implementation  can  simply  be  a  part  of  scheduled 
desktop  upgrades.  In  fact,  a  full  range  of  Dell  products,  from 


switches  and  servers  to  storage  solutions,  support  Gigabit  Ethernet. 
Furthermore,  many  businesses  can  deploy  Gigabit  Ethernet  to  the 
desktop  on  a  building’s  existing  Category-5  copper  cable,  simplify¬ 
ing  the  implementation  process.  And  Category-5  cable  is  used  by 
more  than  85%  of  current  network  installations,  according  to  past 
surveys  by  Sage  Research.'  Being  able  to  leverage  the  same  cable  for 
10  megabit,  100  megabit  and  up  to  one  gigabit  per  second  connec¬ 
tions  allows  businesses  to  make  a  gradual  transition  while 
preserving  communications  for  legacy  systems.  Most  important. 
Gigabit  Ethernet’s  benefits  are  built  to  last,  providing  businesses 
with  plenty  of  headroom  to  expand  and  build  on  existing  technology 
(See  Figure  3). 


FIGURE  2:  File  Transfer  with  Adobe  Distiller  Document  Conversion 
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Source:  Desktop,  Gigabit  Ethernet  and  HT  Study,  VeriTest,  2003 


FIGURE  3:  Integrating  Gigabit  Into  Your  LAN 


Why  are  SMBs  well  positioned  to  leverage  new 
technologies?  Answer  —  because  SMBs  tend  to  have 
the  visibility  and  flexibility  to  determine  what  IT 
products  need  to  be  upgraded,  the  improvements  to 
performance  and  productivity  they’ll  realize,  and 
what  it  will  cost.  In  the  end,  providing  headroom  for 
future  growth  and  supplying  employees  with  the  tech¬ 
nology  tools  to  boost  productivity  will  impact  the 
bottom  line.  Any  technology  that  can  assist  small  to 
midsize  business  in  maximizing  their  productivity 
while  leveraging  existing  budgets  and  infrastructure 
is  sure  to  be  a  winner. 


Carol  Hildebrand  writes  frequently  on  a  variety  of 
business  and  technology  topics.  She  can  be  reached  at 
cjhilde@comcast.  net. 


Connect  your  network  at  Gigabit  speed 
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MAJOR  ADVANTAGE  FOR  MINIMAL  COST. 

Gigabit  Ethernet  technology  when  implemented  across  a  network  and  desktop 
can  boost  performance  as  much  as  eight  times  that  of  Fast  Ethernet.5  It  can  trans¬ 
form  the  rate  of  network  data  flow,  supercharge  desktop  productivity  and  help 
reduce  bottlenecks;  and  it  can  do  so  at  minimal  investment.  For  example,  Intel 
PRO  Gigabit  Network  Connections  are  standard  on  a  range  of  competitively-priced 
Dell  IT  products. 


INCREASED  PERFORMANCE  FROM  SERVER  TO  DESKTOP 

The  desktop  is  the  premier  business  tool  for  small  to  midsize  businesses  today. 
Workers  depend  on  it  to  create  and  share  information  and  collaborate  with  workers 
on  a  daily  basis.  So  it  makes  sense  to  boost  the  performance  of  both  the  desktop  and 
the  network  that  supports  it. 

AN  INVESTMENT  FOR  TODAY  AND  TOMORROW 

Interoperability  testing  means  that  you  can  deploy  Gigabit  Ethernet  anywhere  on 
your  network  with  complete  confidence.  The  auto  negotiation  feature  means  that  your 
network  components  —  desktop,  switches,  and  servers  —  will  automatically  ac^just 
their  transmission  speeds  when  components  are  upgraded  to  Gigabit.  This  makes  your 
transition  to  a  faster  network  and  a  more  productive  office  possible  in  a  staged 
approach.  Your  investment  in  your  existing  structure  is  maximized  —  not  rendered 
obsolete. 


DEPLOY  EVERYWHERE  WITH  MINIMAL  DISRUPTION 


EASY  TO  INSTALL  AND  MANAGE 


Gigabit  Ethernet  allows  you  to  migrate  to  the  next  generation 
of  networking  with  standard  Category-5  Cabling.  For  a  small  business  network, 
Gigabit  over  copper  offers  the  ideal  solution.  It’s  simple  and  cost-effective  to 
deploy,  making  use  of  your  existing  cabling  without  any  re-wiring.  You  can 
improve  performance  while  balancing  your  budget. 


Gigabit  Ethernet  is  not  only  backwards  compatible  with  10/100  Ethernet,  but  it’s 
easy  to  install  on  an  incremental  basis.  For  example,  it  can  be  deployed  as  a  busi¬ 
ness  upgrades  its  systems  and  by  adding  an  all-Gigabit  switch  to  complete  the 
connection  from  the  desktop  to  the  server.  Also,  Intel’s  PROSet  Utility  can  provide 
fast  and  easy  driver  maintenance. 


For  more  information  on  Gigabit  Ethernet,  check  out  "Gigabit  to  the  Desktop:  All  Systems  Go!",  an 
informational  Web  cast  at  or  call 


1  Look  for  systems  with  the  Intel®  Pentium®  4  Processor  with  HT  Technology  logo  which  your  system  vendor  has  verified  utilize  Hyper-Threading  Technology.  Performance  will  vary  depending  on  the  specific  hardware  and 
software  you  use  See  cchtlpy/www.intel  com/info/hyperthreading>>  for  more  information. 

2.  "The  Corporate  Refresh  Cycle  Grinds  into  Motion',  IDC,  Roger  L  Kay.  Crawford  Del  Prete.  April  2003. 

2  This  term  indicates  compliance  with  IEEE  standard  802.3ab  for  Gigabit  Ethernet,  and  does  not  connote  actual  operating  speed  of  tGB/sec.  For  high-speed  transmission,  connection  to  a  Gigabit  Ethernet  server  and  network 

infrastructure  is  required 

4  Supercharging  the  Desktop,  Special  Report  Produced  by  Network  World.  Written  by  Elisabeth  Horwitt.  2003. 

5  Ot'kiup  systems  use  a  32  bit  PCI  interface,  which  limits  Gigabit  performance  to  about  500  Megabits  per  second.  Servers  and  high  end  workstabon  systems  fsuch  as  the  Dell  Precision  450)  with  64  bit  PCI  interfaces  can  achieve 

speeds  e«ceed.ng  HN  megabits  per  second. 

i,  ‘Comb  ling  Gigabit  Ethernet  and  Hyper-Threading  Technology  in  the  Desktop  for  Improved  Office  Producbvity,  a  Test  report  prepared  under  contract  from  Intel  Corporabon',  VeriTest,  April  2003 

7  D.,1  if  or.  Intel  reported  results  as  of  April  2003,  'Combining  Gigabit  Ethernet  and  Hyper-Threading  Technology  in  the  Desktop  for  improved  Office  Producbvity,  a  Test  report  prepared  under  contract  from  Intel  Corporabon", 
Vei  V-t.  Ap'ii  2003  These  results  are  provided  for  information  and  comparabve  purposes  only.  Actual  performance  results  will  vary  upon  applicabon  used,  system  used,  configurabons,  benchmarks,  and  other  variables 
~  tel  t1 2 * 4 5 * 7  Inside  the  Intel  Inside  Logo.  Pentium  and  Intel  Pro  are  trademarks  or  registered  trademarks  of  Intel  Corporabon  or  its  subsidiaries  in  the  United  States  and  other  countries  Microsoft  is  a  registered  trademark  of 
M  .  .  ..ttC  • .  .-■■>11  Other  trademarks  and  trade  names  may  be  used  in  this  document  to  refer  to  either  the  entrbes  claiming  the  marks  and  names  or  their  products.  DeH  disclaims  proprietary  interest  in  the  marks  and  names 
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Dell  recommends  Microsoft®  Windows®  XP  Professional  for  Business 


Small  Medium  Business 


v  v 


our  network  scream 
and  your  office  hum 


OPTIPLEX"  GX270  DESKTOP 


Network-Optimized,  Advanced  Business  Desktop 

•  Intel* *  Pentium*  4  Processor  with  HT  Technology  at  2.60GHz  with  800MHz 
Front  Side  Bus 

•  Windows*  XP  Professional 

•  512MB  Dual-Channel  DDR  SDRAM 

•  80GB  (7200  RPM)  Hard  Drive 

•  64MB  DDR  NVIDIA*  GeForce4  MX"  Graphics  Card 

•  Integrated  Intel®  PRO  1000MT  Gigabit*  NIC 

•  48x  CD  Burner 

•  3-Yr  Next  Business  Day  On-Site  Service1 

•  Monitor  Not  Included 

Regular  Price  After  $100  Discount 

SlflOQ  $000  as  low  as  $27/mo„  (46  pruts”) 

E-VALUE  Code:  19445-  S31009g 

Recommended  Upgrades: 

•  3-Yr  Same-Day  4-Hr  (5x10)  On-Site  Service,3  add  $99 

•  17"  Dell  E171FP  Flat  Panel  Display  (as  shown  above),  add  $399 


DELL”  PRECISION  “  360  WORKSTATION 


Maximum-Performance,  Single-Processor  Workstation 

•  Intel®  Pentium®  4  Processor  at  3GHz  with  800MHz  Front  Side  Bus 

•  Windows®  XP  Professional:  Mini-Tower  Chassis 

•  512MB  Dual-Channel  DDR  SDRAM 

•  80GB  ATA-100  IDE  (7200  RPM)  Hard  Drive 

•  64MB  NVIDIA®  Quadra  NVS  280  AGP  8X  Graphics 

•  Integrated  Intel®  PRO  1000MT  Gigabit*  NIC 

•  48x  CD  Burner 

•  Lifetime  24x7  Dell  Precision"  Dedicated  Tech  Support 

•  3-Yr  Next  Business  Day  On-Site  Service3 

•  Monitor  Not  Included 

Regular  Price  After  $200  Discount 

SlAQQ  as  low  as  $35/mo„  (46  pints”) 

E-VALUE  Code:  19445-S41012g 

Recommended  Upgrades: 

•  3-Yr  Same-Day  4-Hr  (5x10)  On-Site  Service3  add  $199 

•  17"  Dell  UltraSharp  1703FP  Flat  Panel  Monitor,  add  $479 


Limited  time  offer. 


Dell  desktops  featuring  Intel®  PRO  Gigabit50  Ethernet  network 
connections  and  Intel®  Pentium®  4  processors  with  HT  Technology  can 
help  boost  the  efficiency  and  productivity  of  your  employees.  Deploy  system 
updates,  new  applications  and  software  images  at  tremendous  speeds  when  you 
combine  an  Intel®  PRO  Gigabit  network  connection  with  a  Gigabit  network  switch. 
And,  you'll  enhance  system  responsiveness  and  improve  productivity  in  multi-tasking 
environments  when  using  Intel®  Pentium®  4  Processors  with  HT  technology. 

By  combining  these  two  breakthrough  technologies,  productivity  gains  can  be  huge. 
Not  to  mention,  Dell's  award-winning  service  and  support  is 
always  there  to  help,  so  you  get  ultimate  peace  of  mind.  So 
call  or  go  online  now  and  find  out  how  Dell  can  take  your 
business  to  a  whole  new  level. 


InterPRO. 

Network  Connections 


Doing  more  for  your  office.  Easy  as 


oeu 


Click  www.dell.com/gigabitoffer  Call  1-888-809-3355 


toll  free 


Call:  M-F  7a-8p  Sat  8a-5p.  CT 

Pricing,  specifications,  availability  and  terms  of  offer  may  change  without  notice  Taxes  and  shipping  charges  extra,  and  vary  and  not  subject  to  discounts  U  S.  Dell  Small  Business  new  purchases  only  Dell  cannot  be  held  responsible  for  errors  in  typography  or  photography  -Service 
may  be  provided  by  thud  party.  Technician  will  be  dispatched,  if  necessary,  following  phone  based  troubleshooting.  Subject  to  parts  availability,  geographical  restrictions  and  terms  of  service  contract  Service  timing  dependent  upon  time  of  day  call  placed  to  Deli.  US  unly.  -Monthly 
payment  based  on  pre-rebate  pnce  foi  48-month  60  Davs  Same-As-Cash-QuickLoan  with  46  payments  at  9.99%  interest  rate  Your  interest  rate  and  monthly  payment  may  be  same  oi  higher,  depending  on  your  creditworthiness.  If  you  do  not  pay  the  balance  within  60  days  of  tlie 
QuickLoan  Commencement  Date  Iwhich  is  five  days  after  product  shipsi,  interest  will  accrue  during  those  first  60  days  and  a  documentation  fee  may  apply.  OFFER  VARIES  BY  CREDITWORTHINESS  OF  CUSTOMER  AS  DETERMINED  BY  LENDER  Minimum  transaction  size  of  $500  required. 
Maximum  aggregate  financed  amount  for  paperless  acceptance  not  to  exceed  $25,000  If  your  order  exceeds  S25K.  a  Dell  Financial  Services  rep  will  contact  you  to  process  your  documentation  Taxes,  fees  and  shipping  charges  are  extra  and  may  vary  Not  valid  on  past  orders  or 
financing  QuickLoan  arranged  by  CIT  Bank  to  Smail  Business  customers  with  approved  credit  '  Between  32  and  64MB  of  system  memory  may  be  allocated  to  support  graphics,  depending  upon  system  memory  size  and  other  factors  ''This  term  indicates  compliance  with  IEEE  standard 
802.3ab  lot  Gigabit  Ethernet,  and  does  not  connote  actual  operating  speed  of  IGB/sec  for  high-speed  transmission,  connection  to  a  Gigabit  Ethernet  server  and  network  infrastructure  is  required.  Intel,  Intel  Inside,  the  Intel  Inside  logo,  Intel  Pro,  the  Intel  Pro  logo,  and  Pentium  are 
trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation  ©2003  Dell  Inc  All  rights  reserved 
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carriers  have  been  slow 

■  BY  SUSAN  BREIDENBACH 


to  launch  this  hosted  telephony  option,  IP  Centrex  is  seen  as 


he  installed  base  of  hosted  IP  telephony  service  in  North  America  is  still  barely  visible,  but  that 
could  change  quickly  as  Verizon  prepares  to  launch  service  in  10  major  markets  in  the  East  by 
year-end.  It  is  the  first  major  deployment  by  a  member  of  the  old,  regional  Bell  operating  com¬ 
pany  guard,  and  —  unlike  the  efforts  of  the  pioneering  start-ups  —  is  aimed  directly  at  the 
enterprise  market. 


Bell  Canada,  BellSouth,  Qwest  and  SBC  are  expected  to  follow  suit 
and  launch  enterprise-oriented  service  in  at  least  some  major  metro¬ 
politan  areas  by  mid-2004.  While  SBC  declined  to  talk  about  its  plans, 
BellSouth  is  engaged  in  trials  with  two  major  customers,  Qwest  is  begin¬ 
ning  trials  with  two  next  month,  and  Bell  Canada  will  start  some  trials 
early  next  year. 

Meanwhile,  In-Stat/MDR  estimates  there  were  46,600  IP  Centrex  seat 
licenses  at  the  end  of  last  year,  and  expects  this  number  to  reach 
123,500  by  the  end  of  this  year.  Most  of  the  installed  base  is  provisioned 
by  pure-play  start-ups  such  as  GoBeam  and  PingTone  that  are  targeting 
small  businesses  with  multiple  locations. 

Verizon  is  the  nation’s  largest  provider  of  traditional  Centrex,  and  the 
East  Coast  has  the  largest  concentration  of  Centrex  users. Verizon  says  it 
hopes  the  new  service  will  help  to  staunch  the  steady  erosion  of  tradi¬ 
tional  Centrex  business  lines,  which  1DC  estimates  peaked  at  56  million 
in  1999.  However,  the  incumbent  local  exchange  carriers  (ILEC)  also 
expect  IP  Centrex  to  gain  ground  with  large  companies  looking  to  con¬ 
solidate  disparate  premises-based  switches  spread  across  multiple  sites 
and  to  reap  the  cost  savings  of  a  managed  service. 

The  massive  blackout  that  paralyzed  much  of  the  U.S.  Northeast  and 
parts  of  Canada  this  summer  underscored  the  advantages  of  a  hosted 
service.  Many  traditional  Centrex  users  —  who  contest  the  notion  that 
they  are  second-class  telephony  citizens  —  smugly  continued  to  enjoy 
voice  service.Their  desktop  phones  are  powered  by  the  central-office 
switch,  which  kicked  over  to  generator  power  when  the  utility  grid  failed. 

“Organizations  with  premise-based  PBXs  had  no  phone  service,”  says 
Joan  Moyer,  telecommunications  manager  for  the  city  of  Toronto,  which 
uses  Centrex  to  deliver  voice  service  to  more  than  900  offices  ranging  in 
size  from  two  to  1,700  lines.“A  hosted  service  provides  fault  tolerance,” 
says  Moyer,  who  is  also  a  board  member  and  service  provider  liaison  for 


the  National  Centrex  Users  Group  (NCUG). 

IP  phones  require  local  A/C  power, so  IP  Centrex  users  were  more 
affected  by  the  blackout.  However,  service  providers  with  redundant,  dis¬ 
tributed  softswitches  were  able  to  keep  things  going. 

“We  could  continue  to  access  features  like  voice  mail, so  we  didn’t 
miss  any  calls,”  says  Ryan  Alexander,  president  of  Omnipod,  a  PingTone 
IP  Centrex  customer  in  New  York  that  develops  secure  instant-messaging 
and  file-sharing  software.“Feople  could  call  up  on  their  battery-powered 
mobile  phones  and  access  the  system,  which  was  hosted  elsewhere. 
That  turned  out  to  be  very  beneficial.” 

Verizon  is  starting  to  see  demand  for  IP  Centrex  as  a  disaster-recovery 
platform.  After  living  through  the  blackout, some  businesses  that  depend 
on  voice  service  and  use  PBXs  want  a  back-up  service.  Because  IP  is 
inherently  distributed, “the  switch  can  be  in  a  different  city  completely 
redundant  from  the  dial  tone  that  goes  into  your  PBX,”  says  Tom 
Dalrymple,  director  of  voice  switching  for  Verizon. “Thht’s  an  opportunity 
we  didn’t  originally  forecast." 

Is  IP  Centrex  for  you? 

Service  providers  and  industry  analysts  agree  that  “sweet  spot”  patterns 
have  yet  to  emerge  for  IP  Centrex,  both  in  terms  of  vertical  industries 
and  company  size.  However,  they  identify  a  number  of  characteristics 
that  make  an  organization  a  likely  candidate: 

•  A  highly  distributed  company  with  lots  of  small  offices. 

•  A  multi-site  company  with  branch  offices  that  are  run  somewhat 
autonomously. 

•  Fast-growing  start-ups  that  would  outgrow  premise-based  equip¬ 
ment  quickly. 

•  Organizations  that  need  the  flexibility  to  accommodate  a  lot  of 
change. 


IP  Centrex 
architecture 

Here’s  a  typical 
example  of 
IP  Centrex  based 
on  softswitch 
technology: 
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10/20/03 ,  NetworkWorld , 


zering  more  benefits  than  traditional  Centrex  or  PBXs  for  less. 


Keller  Williams  Realty  was  founded  three-and-a-half  years  ago 
in  the  middle  of  the  red-hot  Sacramento,  Calif-,  real-estate  market, 
and  now  has  260  agents  spread  across  three  offices.  The  com¬ 
pany  quickly  outgrew  its  premises-based  NEC  switch  and  looked 
around  for  a  more  flexible  and  scalable  product. 

“Every  time  we  moved  someone  from  one  desk  to  another, 
there  was  a  service  call  to  the  local  interconnect  that  cost  us 
$100,” says  Wayne  Hall,  president  of  the  company“When  we  dis¬ 
covered  GoBeam  two  years  ago,  we  weren’t  really  looking  for 
[voice  over  IP]  —  just  a  good  deal  on  basic  phone  service.” 

Hall  had  some  initial  concerns  about  relying  on  a  start-up  and 
IP  for  voice  service,  but  decided  to  take  the  plunge.There  have 
been  three  minor  service  hiccups  over  the  past  two  years,  but 
none  were  very  disruptive.  In  a  converged  environment,  whether 
a  dedicated  desktop  phone  has  dial  tone  or  not  isn’t  as  critical, 
because  there  are  other  options. 

“If  the  service  to  the  building  goes  out,  most  of  our  folks  can  just 
go  onto  the  Dashboard  [GoBeam’s  browser-based  user  interface] 
and  forward  their  calls  to  their  cell  phones,”  he  says.“They  love  the 
Dashboard  and  the  way  their  phone  number  can  follow  them 
wherever  they  go  and  the  ability  to  manage  calls  and  messages.” 

Hall  even  uses  the  GoBeam  IP  Centrex  service  as  a  recruiting 
incentive.“We  survive  by  recruiting  talent  away  from  the  competi¬ 
tion,  and  our  competitors  don’t  have  a  phone  system  like  this.  It’s 
also  great  to  be  able  to  add  new  offices  so  easily,  and  to  have  a 
single  phone  system  across  locations,”  he  says. 

More  bang  for  the  buck? 

IP  Centrex  typically  is  being  sold  in  a  flat-rate  bundle  that 
includes  local  and  long-distance  voice,  data  access  and  such 
value-added  services  as  voice  mail,  e-mail,  unified  messaging 
and  Web  hosting.  Also,  the  IP  Centrex  service  providers  are 
rejecting  the  per-line  pricing  of  traditional  Centrex  for  a  per-seat 
or  per-user  model. 

While  the  ILECs  haven’t  announced  pricing  yet,  the  pure-play 
IP  Centrex  providers  such  as  GoBeam,  M5  Networks  and 
PingTone  have  monthly  rates  ranging  from  $40  to  $65  per  user, 
depending  on  bundle  packaging  and  the  size  and  configuration 
of  the  customer.  IDC  expects  enhanced  IP  Centrex  bundles  in 
the  large-business  segment  to  drop  to  an  average  of  $26  per  user 
by  2007.  In  contrast,  IDC  reports  that  traditional  Centrex  lines  cost 
large  enterprise  customers  $21  per  month  for  basic  service  plus 


such  add-on  features  as  voice  mail  and  caller  ID. 

Early  adopters  have  trouble  quantifying  the  differences,  but 
agree  that  IP  Centrex  gives  them  more  for  their  money  than  tradi¬ 
tional  Centrex  or  PBX-based  voice  service.  Wall  Street  Strategies, 
a  stock  research  firm  in  New  York,  switched  to  M5’s  IP  Centrex 
after  its  previous  voice  service  provider,  a  competitive  local 
exchange  carrier,  went  bankrupt. Wall  Street  Strategies  COO 
Daliah  Amar  says  hosted  IP  telephony  is  saving  her  company 
money  by  eliminating  the  cost  of  buying  and  maintaining  hard¬ 
ware  and  decreasing  the  number  of  necessary  T-l  lines. 

“The  IP  Centrex  call  handling  is  much  more  efficient,”  Amar 
says.“For  example,  I  might  have  five  calls  coming  in,  with  four  of 
them  on  hold. These  four  are  not  tying  up  four  channels  on  the  T- 
1,  because  the  service  provider  is  holding  them.  We  were  able  to 
go  from  three  T-ls  to  one  plus  a  DSL  line  for  backup.”  With  the 
move  to  IP  Centrex,  Wall  Street  Strategies  reduced  its  local  and 
long-distance  costs  by  at  least  60%  and  eliminated  the  $25,000 
per  year  that  was  going  to  hardware  and  software  maintenance. 

Interface  envy 

Organizations  that  start  mixing  traditional  and  IP  Centrex  might 
create  some  friction  in  the  user  community 

“From  the  end-user  standpoint,  the  graphical  interface  is  the 
main  thing,” says  Christine  Hartman,  research  director  of  packet 
telephony  for  Probe  Research.“Users  get  a  visual  interface  with 
point-and-click  call  control,  and  there  are  no  star  codes  to 
remember  and  punch  in. That  won’t  help  to  sell  IP  Centrex,  but 
once  people  have  it,  it  will  prevent  them  from  going  back.” 

Some  of  GoBeam’s  customers  maintain  a  PBX  at  their  headquar¬ 
ters  and  deploy  the  IP  Centrex  service  to  the  branch  offices. Soon 
the  people  at  the  branch  offices  start  snickering:  They  now  have 
the  more  advanced  voice  system,  and  the  people  at  the  headquar¬ 
ters  have  become  the  have-nots. 

“Then  the  people  at  the  headquarters  start  asking  for  the  new 
phone  system  too,” says  Kevin  Gavin,  chief  marketing  officer  for 
GoBeam. The  Dashboard  interface  is  GoBeam’s  unique  contribu¬ 
tion  to  IP  Centrex;  the  service  provider’s  underlying  infrastructure 
is  based  on  Cisco  routers  and  softswitch  technology  from 
Sylantro  and  BroadSoft. 

See  IP  Centrex,  page  78 


Some  providers  object  to  the  IP 
Centrex  terminology  and  insist 
on  calling  the  service  network- 
based  IP  telephony.  To  them,  the  term 
"Centrex"  carries  too  much  bag¬ 
gage:  It  sounds  dated,  and  it  is  asso¬ 
ciated  with  the  old  regional  Bell 
operating  company  monopolies. 

"Centrex  was  the  poor-man's  PBX, 
while  IP  Centrex  is  better  than  a 
PBX,"  says  Kevin  Gavin,  chief  mar¬ 
keting  officer  for  IP  Centrex  pioneer 
GoBeam. 

To  further  confuse  things,  the  in¬ 
cumbent  local  exchange  carriers  are 
rolling  out  a  "Centrex  IP"  service  that 
primarily  is  a  migration  platform  for 
traditional  Centrex  customers.  While 
IP  Centrex  uses  softswitch  technol¬ 
ogy,  Centrex  IP  is  a  hybrid  platform 
that’s  is  based  on  a  Class  5  TDM 
switch  that  has  been  IP-enabled. 
BellSouth  and  Qwest  are  sticking 
with  this  Centrex  IP  technology  for 
their  initial  trials. 

Another  option  called  managed  or 
hosted  PBX  can  be  based  on  tradi¬ 
tional  or  IP  PBX  switches. 

There  is  some  disagreement  about 
where  the  switch  has  to  be  or  who 
has  to  own  it  if  it  is  to  qualify  for  this 
classification. 

However,  what  distinguishes  Cen¬ 
trex  —  traditional  or  IP  —  is  that 
there  are  multiple  tenant-customers 
sharing  the  same  central-office 
switch.  With  hosted  or  managed 
PBX  service,  the  switch  is  dedicated 
to  a  single  customer,  regardless  of 
the  switch's  location  or  ownership. 

In  the  main  story,  IP  Centrex  and 
network-based  IP  telephony  are  used 
interchangeably. 

—  Susan  Breidenbach 
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Softswitch 
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Internet 


PSTN 


0  Trunk  gateway 


O  Ordinary  analog 
phones  and  fax 
machines  are  served 
through  a  gateway. 
This  gateway 
performs  voice 
digitization  and 
packetization  and 
converts  analog 
signaling  into  IP 
telephony  messages. 


©  The  customer  gateway  sends 
IP  telephony  traffic  across 
the  carrier’s  managed 
backbone  to  a  softswitch. 
The  softswitch  provides  the 
customer  gateway  with  the 
IP  address  of  the  other 
party,  and  the  gateway  uses 
this  information  to  send 
packetized  voice  streams 
directly  to  the  destination. 


©  IP  phones  receive  the 
IP  address  of  the  other 
party  from  the 
softswitch.  Using  this 
data,  the  phones  send 
packetized  voice 
streams  directly  to  the 
destination,  which  may 
be  another  IP  phone, 
customer  gateway  or 
trunk  gateway. 


©  The  softswitch 
provides  the 
call  control  and 
service  logic  for 
the  IP  Centrex 
service. 


©  When  a  call  must  pass 
between  the  backbone 
and  the  PSTN,  such  as 
an  IP  Centrex  user 
placing  a  call  to  an 
analog  user,  the 
softswitch  uses  the 
signaling  gateway  to 
exchange  SS7  messages 
with  PSTN  Class  4  and 
Class  5  switches. 


©  When  a  call  must  pass  between 
the  backbone  and  the  PSTN,  a 
trunk  gateway  is  also  required. 
While  the  signaling  gateway 
handles  the  switch-to-switch 
communication,  the  softswitch 
directs  the  call  to  a  trunk 
gateway  that  packetizes  and 
depacketizes  the  voice  stream 
for  transmission  to  PSTN 
switches. 
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Join  Mark  Gibbs,  ITworld.com  technology  host,  as  he  moderates 
an  exclusive  webcast  and  roundtable  discussion  on  Cisco's  integrated 
solutions  for  enterprise  branch  and  small  offices 


"Empowering  Your  Branch  and  Small  Office  Environments" 

Who  Should  Attend:  IT  and  Business  Decision  Makers 

Tune  in  today  at: 

http://www.itworld.com/empowered 


Gibbs  brings  together  Mike  Volpi,  Sr.  Vice  President 
Routing  Technology  at  Cisco  Systems  and  Zeus  Kerravala, 
Vice  President  Enterprise  Infrastructure  from  the  Yankee 
Group  for  an  in-depth  look  at  the  challenges  organizations 
are  facing  today  in  reducing  network  costs  while 
enhancing  productivity  and  support  for  branch  and 
remote  employees. 

Also  hear  from  customers  about  how  deploying  Cisco  Full  Service  Branch 
Solutions  has  benefited  their  organization  by  boosting  productivity  and 
lowering  operational  costs  with: 

•  Security  solutions  for  remote  assets  including  information,  people,  and 
facilities 

•  Business  voice  and  video  solutions  for  toll  bypass,  call  processing, 
voicemail,  and  video-based  training  and  employee  communications 
services 

•  Web  application  optimization  for  intranets  and  mission-critical  applica¬ 
tions  such  as  ERP,  CRM  and  SCM 

•  New  approaches  for  driving  down  costs  of  WAN  connectivity 

•  Teleworking  solutions  for  workplace  flexibility  and  business  resilience 
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NetworkWorid  Cisco’s  Catalyst  6500  raises  the  stakes 


10G  ETHERNET 
SWITCHES 


■  BY  DAVID  NEWMAN,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

isco  might  be  a  relative  latecomer  to  10G  Ethernet  switching,  but  its 
hardly  playing  catch-up.  Our  exclusive  lab  tests  show  that  new  line  cards 
and  management  modules  for  Ciscos  Catalyst  6500  switches  push  the 
performance  envelope  in  a  number  of  ways: 


•  Line-rate  throughput  with  low  delay 
and  jitter. The  Catalyst  becomes  only  the 
second  product  tested  to  fill  a  10G  pipe. 

•  Fast  failover.  The  Catalyst  set  records 
for  recovery  times. 

•  Perfect  prioritization.  The  Catalyst  is 
the  only  product  that  can  protect  high- 
priority  traffic  while  simultaneously  rate- 
limiting  low-priority  traffic. 

•  IPv6  routing.  In  the  first-ever  public 
test  of  IPv6  routing,  the  Catalyst  moved 
traffic  at  line  rate  even  when  handling 
250  million  flows. 

The  Catalyst’s  stellar  performance  in 
our  tests,  along  with  its  rich  feature  set, 
earned  it  a  World  Class  Award.  Simply 
put,  this  is  the  highest-performing  10G 
Ethernet  product  we’ve  tested  to  date. 

To  ensure  an  even  comparison,  we  ran 
the  same  tests  on  Cisco’s  new  gear  — 
WS-X6704-10GE  line  cards  and  WS- 
SUP720  management  modules  —  that 
we  used  in  an  assessment  of  10G  Ether¬ 
net  products  early  this  year  (see 
www.nwfusion.com,  DocFinder:  8123). 
Tests  included  pure  10G  Ethernet  perfor¬ 
mance;  Gigabit  Ethernet  across  a  10G 
Ethernet  backbone;  quality-of-service 
(QoS)  enforcement;  and  failover  times. 
For  this  review,  we  added  failover  and 


Net  Results 


Cisco  Catalyst  6500 
10  Gigabit  Ethernet 
line  cards 


WORLD  CLASS 
WINNER 

OVERALL  RATING 

4.75 


Company:  Cisco  Cost: 
$99,995  as  tested.  Pros: 
Line-rate  throughput;  low 
latency  and  jitter;  highly 
Hff/i/icr  i  scalable;  excellent  IPv6 
routing  and  forwarding. 
Cons:  Four-port  10G  card  is  blocking. 


The  breakdown 

10G  Ethernet  performance  25% 

4 

Gigabit  Ethernet  performance 

over  10G  backbone  25% 

5 

QoS  enforcement  25% 

5 

Failover  15% 

5 

Features  10% 

5 

TOTAL  SCORE  4.75 


■  Scoring  Key:  5:  Exceptional;  4: Very  good; 
3:  Average;  2:  Below  average;  1:  Consistently 
subpar 


IPv6  forwarding  and  routing  (see  “How 
we  did  it,”  DocFinder:  8 129). 

In  the  10G  Ethernet  tests,  we  used 
Spirent  Communications’  SmartBits  to 
generate  traffic  in  a  four-port,  full-mesh 
configuration.  Cisco’s  10G  Ethernet 
cards  delivered  line-rate  throughput  for 
all  tests  (see  Table  1).  That  puts  the 
Catalyst  on  par  with  the  El 200  from 
Force  10  Networks. 

We  should  note  that  Cisco’s  10G 
Ethernet  cards  are  blocking  —  which 
causes  frame  loss  —  when  all  four  ports 
exchange  64-byte  frames  between  line 
cards.  This  was  not  an  issue  in  our  tests 
because  we  moved  traffic  between  two 
ports  on  each  of  two  cards.  We  think 
that’s  a  fair  comparison  with  previous 
products  tested.  Most  of  those  had  just 
one  port  per  card,  not  four,  so  all  previ¬ 
ous  tests  were  also  across  cards.  Cisco 
says  the  new  cards  are  nonblocking 
when  handling  a  mix  of  frame  sizes,  but 
we  did  not  verify  this. 

Delay  and  jitter  with  the  Cisco  10G 
Ethernet  cards  weren’t  quite  as  low  as 
previous  record-holders  from  Foundry 
Networks  and  HP  but  the  numbers  were 
well  below  the  point  at  which  application 
performance  might  suffer  (see  Table  2). 

In  the  worst  case  (delay  for  1,518-byte 
frames  under  10%  load),  Cisco’s  average 
delay  was  12.4  microsec,  compared  with 
7.5  microsec  for  Foundry  Jitter  was  0.5 
microsec,  compared  with  0.6  microsec 
for  Foundry  in  a  similar  test.  Neither  re¬ 
sult  will  affect  application  performance. 

We  also  conducted  tests  the  way  10G 
Ethernet  is  most  likely  to  be  used  —  as  a 
backbone  technology  We  built  a  test  bed 
comprising  two  chassis  connected  with  a 
10G  Ethernet  link.  Each  chassis  also  had 
10  (single)  Gigabit  Ethernet  interfaces. 
We  offered  traffic  from  510  virtual  hosts 
to  each  Gigabit  Ethernet  interface,  mean¬ 
ing  there  were  10,200  hosts  exchanging 
traffic  in  a  meshed  pattern. 

The  Cisco  setup  delivered  line-rate 
throughput  at  all  frame  sizes,  and  delay 
and  jitter  again  trailed  Foundry  and  HP 
by  an  insignificant  margin.  Cisco’s  high¬ 
est  average  delay  (with  1,518-byte 
frames)  was  35.5  microsec,  compared 
with  31.3  microsec  for  HP  Again,  the  dif¬ 
ference  isn’t  meaningful. 

Introducing  IPv6 

It’s  important  to  understand  why  IPv6 
testing  matters  to  enterprise  network 


Table  1:  Cisco's  10G  Ethernet  throughput 

Cisco’s  10G  Ethernet  line  cards  in  the  Cisco  Catalyst  6500  hit  theoretical 
maximum  throughput  for  every  test  we  threw  at  it. 

Four  10G  Ethernet  interfaces,  fully  meshed  IPv4  traffic 

Theoretical  maximum  Throughput  per  port 
Frame  length  (bytes)  (frames  per  second)  (frames  per  second) 

64  14,880,952  14,880,952 

256  4,528,985  4,528,985 

1,518  81,274  81,274 

20  Gigabit  Ethernet  interfaces,  10G  backbone,  partially  meshed  IPv4  traffic 


64 

1,488,095 

1,488,095 

256 

452,899 

452,899 

1,518 

81,274 

81,274 

20  Gigabit  Ethernet  interfaces,  10G  backbone,  partially  meshed  IPv6  traffic 


76* 

1,302,083 

1,302,083 

256 

452,899 

452,899 

1,518 

81,274 

81,274 

20  Gigabit  Ethernet  interfaces,  10G  backbone,  100,000  networks, 
250  million  IPv6  flows 

76*  1,302,083  1,302,083 

*76  bytes  is  minimum  IPv6  length  supported  by  test  equipment. 


Table  2:  Cisco’s  10G  Ethernet  delay  and  jitter 

Delay  and  jitter  with  the  Cisco  10G  Ethernet  cards  weren’t  quite  as  low  as 
previously  tested  boxes  from  Foundry  Networks  or  HP,  but  Cisco’s  numbers 
are  well  below  the  point  at  which  application  degradation  would  occur. 

Four  10G  Ethernet  interfaces,  fully  meshed  IPv4  traffic 

Frame  length  (bytes)  Average  delay  (microsec)  Jitter  (microsec) 

64  10.2  0.3 

256  10.0  0.6 

1,518  12.4  0.5 

20  Gigabit  Ethernet  interfaces,  10G  backbone,  partially  meshed  IPv4  traffic 


64 

19.3 

0.7 

256 

20.9 

1.0 

1,518 

35.5 

1.7 

20  Gigabit  Ethernet  interfaces,  10G  backbone,  partially  meshed  IPv6  traffic 


76 

18.1 

0.8 

256 

20.0 

0.5 

1,518 

39.4 

3.0 

20  Gigabit  Ethernet  Interfaces,  10G  backbone,  100,000  networks, 

250  million  IPv6  flows 

76  19.9  Not  tested 
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managers  today.  The  conventional  wisdom 
is  that  IPv6  is  only  of  interest  in  Asia,  and 
there  mainly  as  a  science  project.That  per¬ 
ception  is  misguided,  for  two  reasons. 

First,  depreciation  schedules  for  back¬ 
bone  gear  might  run  as  long  as  five  years, 
and  by  then  IPv6  deployment  is  likely  to  be 
more  extensive  than  today  Second,  compa¬ 
nies  doing  business  with  the  federal  gov¬ 
ernment  might  need  IPv6  support  much 
sooner  than  that.  Starting  this  month,  the 
Department  of  Defense  is  requiring  IPv6  in 
systems  it  evaluates, and  other  agencies  are 
likely  to  follow  suit. 

Cisco’s  results  with  IPv6  traffic  were 
nearly  identical  to  those  with  IPv4.  The 
vendor’s  new  10G  cards  delivered  line- 
rate  throughput  in  all  cases.  Delay  and  jit¬ 
ter  were  actually  lower  with  short-  and 
medium-length  IPv6  frames  than  with 
IPv4, and  delay  with  long  frames  was  only 
slightly  elevated. 

All  public  tests  of  IPv6  to  date  have 
focused  on  forwarding  rather  than  routing, 
mainly  because  IPv6  routing  protocols  are 
only  now  coming  to  market.  Cisco’s  WS- 
SUP720  management  module  supports 
OSPFv3,  the  IPv6-enabled  version  of  the 
popular  routing  protocol  Open  Shortest 
Path  First. This  was  the  first  appearance  of 
IPv6  routing  in  a  public  test. 

We  used  Spirent’s  TeraRouting  software 


to  advertise  100,000  unique  routes  (each 
representing  one  network)  over  OSPFv3  to 
the  pair  of  Catalysts.  Because  address  seal- 
ability  is  a  major  selling  point  for  IPv6,  we 
then  sent  traffic  to  each  of  250  virtual  hosts 
on  all  100,000  networks.  This  works  out  to 
250  million  total  flows:  On  each  of  two 
chassis,  we  offered  traffic  to  10  interfaces 
from  250  hosts,  each  sending  traffic  to 
50,000  networks  on  the  other  chassis. 

To  put  this  number  in  perspective,  imag¬ 
ine  we  took  the  entire  population  of  all  U.S. 
states  west  of  the  Mississippi, gave  everyone 
a  computer,  and  routed  all  their  traffic 
through  one  pair  of  Catalyst  switches.  To 
Cisco’s  credit,  it  did  so  at  line  rate,  with  aver¬ 
age  delays. 

QoS  enforcement 

Cisco’s  Catalyst  also  outperformed  previ¬ 
ously  tested  products  when  it  came  to  QoS 
enforcement.  In  this  test,  we  offered  three 
classes  of  traffic  and  required  the  switch  to 
deliver  high-priority  traffic  with  no  loss, even 
during  congestion. 

We  also  required  the  switch  to  restrict  low- 
priority  traffic  so  that  it  never  used  more 
than  2G  bit/sec  of  bandwidth.  And  just  to 
make  things  interesting,  we  emulated  252 
hosts  on  each  of  20  edge  ports  —  making 
5,040  virtual  hosts  in  all. 

Previously  other  vendors  protected  high- 


A  challenge  to  switch  vendors 


Vendors  of  10G  Ethernet  equipment,  listen  up:  Network  World  has  a  standing 
offer  to  rerun  the  same  tests  performed  here  on  your  equipment  For  prod¬ 
uct  requirements  and  other  information  on  having  your  system  tested,  con¬ 
tact  Christine  Burns  at  cburns@nww.com. 


priority  traffic  but  couldn’t  rate-control  low- 
priority  traffic.  Cisco  did  both:  The  Catalyst 
6500  not  only  delivered  all  high-priority  traf¬ 
fic  without  loss,  but  also  came  within 
99.99%  of  hitting  our  low-priority  bandwidth 
enforcement  goal. 

Failure?  What  failure? 

Our  failover  tests  assessed  how  quickly 
a  switch  reroutes  traffic  onto  a  secondary 
link  upon  failure  of  a  primary  circuit.  We 
tested  Cisco’s  failover  with  both  OSPF  and 
IEEE  802.3ad  link  aggregation. 

In  our  OSPF  failover  tests,  the  Catalyst 
rerouted  traffic  in  an  average  of  195  milli- 
sec.  That’s  slightly  better  than  the  237- 
millisec  failover  Foundry  posted  in  a  pre¬ 
vious  test.  With  link  aggregation,  the 
Catalyst  reduced  failover  time  to  just  45 
millisec. 

Cisco  says  other  switches  had  too  easy  a 
time  because  we  used  only  a  single  flow  in 
our  previous  failover  tests. 

Cisco  contends  that  other  switches  are 
flow-based,  meaning  they  build  Layer-2  for¬ 
warding  tables  based  on  the  number  of 
flows  involved,  and  thus  failover  times 
increase  as  flow  count  increases.  In  con¬ 
trast,  the  Catalyst’s  routing  reduces  Layer-2 
flow  counts,  which  lets  it  handle  arbitrarily 
large  numbers  of  flows  with  no  perfor¬ 
mance  hit. 

We  ran  the  failover  test  with  2  million 
flows,  meaning  that  traffic  for  1  million 
flows  would  be  “failed  over”  The  Catalyst’s 
performance  improved  in  this  test,  with 
OSPF  failover  taking  86  millisec  and  link 
aggregation  failing  over  in  18  millisec. This 
validates  Cisco’s  claim  that  it  can  support  a 
large  number  of  flows;  we’ll  see  how  other 
vendors  do  in  future  tests. 

Newman  is  president  of  Network  Test ,  an 
independent  benchmarking  and  network 


design  consultancy  in  Westlake  Village , 
Calif.  He  can  be  reached  at  dnewman@net 
work  test.  com. 
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IP  Centrex 

continued  from  page  75 

Impediments  to  implementation 

There  still  are  technical  and  regulatory 
issues  that  have  to  be  resolved  before  IP 
Centrex  service  becomes  as  ubiquitous  as 
its  traditional  counterpart.  One  is  the 
availability  of  economical  broadband 
connections  for  small  offices. 

“IP  Centrex  is  taking  off  faster  in  Europe 
because  an  office  with  15  people  can  get  a 
DSL  with  3M  to  4M  bit/sec  downstream 
and  1M  bit/sec  upstream  for  $30  a  month,” 
says  Olivier  Hersent,  founder  and  CFO  of 
softswitch  vendor  NetCentrex.  European 
service  providers  are  bundling  IP  Centrex 
with  local  and  long-distance  voice  service, 
data  service,  Web-site  hosting,  voice  mail.e- 
mail  and  other  applications.“It’s  MIS  in  a 
box,  not  just  telephony  in  a  box,”  he  says. 

Hartman  says  the  U.S.  service  providers 
are  trying  to  become  onestop  shops  too, 
and  win  with  the  bundle.  However,  they 
aren’t  starting  from  such  a  monopoly  posi¬ 
tion,  and  some  regulatory  issues  remain. 
According  to  Sue  Tarr,  executive  director  of 
service  provisioning  product  management 
for  Telcordia,  softswitch-based  "IP  Centrex" 


offerings  might  be  considered  enhanced 
data  services  while  “Centrex  IP ’’based  on 
an  IP-enabled  Class  5  switch  might  be  tar¬ 
iffed  (see  related  story  page  75). 

IP  phones  are  another  factor  holding 
back  IP  telephony  implementations  — 
whether  hosted  or  premises-based.They 
are  still  relatively  expensive,  and  they  still 
cause  all  kinds  of  compatibility  problems 
in  multi-vendor  environments.“You  still 
have  to  test  each  piece  of  equipment  with 
every  other  piece, ’’says  Eric  Schwartz,  vice 
president  of  IP  communications  for  Bell¬ 
South. “IP  telephony  won’t  take  off  until 
the  devices  are  truly  standardized, so  that 
every  vendor’s  handsets  work  with  every 
other  vendor’s  switches  and  vice  versa.” 

The  IP  phones  are  unstable,  Hersent 
says.“Regardless  of  brand,  the  typical 
IP  phone  is  still  rebooting  once  a  day. 
Imagine  if  you  had  100,000  users,  and  they 
all  started  calling  technical  support  when 
this  happened.  Some  IP  phones  also  have 
no  security  and  a  person  with  the  right 
skills  can  go  in  and  change  the  ID  and 
pretend  to  be  someone  else,”  he  says. 

Security  is  another  area  with  a  lot  of 
unresolved  issues,  and  organizations  con¬ 
sidering  IP  Centrex  need  to  find  out  what 


prospective  service  pro¬ 
viders  are  doing  about  it. 

Sending  voice  packets  over 
enterprise  firewalls  can  intro¬ 
duce  too  much  latency  and 
the  “solution”  simply  might 
be  to  go  around  them. 

Expert  insight 

Despite  these  problems,  a 
growing  number  of  organiza¬ 
tions  enthusiastically  are 
embracing  IP  Centrex  as  a 
convergence  alternative. 

According  to  1  DC,  the  number  of  stations  is 
increasing  more  than  fivefold  annually,  with 
cost-cutting  being  the  primary  reason.The 
IP  Centrex  phenomenon  is  part  of  a  larger 
IT  trend  toward  reducing  technology  costs 
and  risks  by  turning  certain  functions  over 
to  outside  experts. 

IP  telephony  is  seen  as  a  particularly 
good  candidate  for  outsourcing  because 
the  technology  is  still  changing  extreme¬ 
ly  rapidly.  Worries  about  platform  obsole¬ 
scence,  scalability,  bandwidth  manage¬ 
ment,  upgrades,  quality  of  service,  back¬ 
up  capabilities  and  other  such  issues 
can  be  left  to  the  service  provider.  That’s 


the  theory,  anyway. 

In  practice,  not  all  service 
providers  are  created  equal,  and 
some  can  be  pretty  bad.There 
are  lots  of  layoffs,  and  the  sup¬ 
port  people  are  often  the  first  to 
go,  because  they  are  on  the  cost 
side  of  the  equation.  Omnipod 
had  to  cycle  through  one  unsat¬ 
isfactory  service  provider  before 
finding  PingTone.and  this  expe¬ 
rience  probably  isn’t  atypical. 

The  entry  of  the  big  ILECs  into 
the  market  might  raise  the  bar, 
but  industry  watchers  aren’t  holding  their 
collective  breath.“If  you  sit  in  on  a  meeting 
of  Centrex  users,  you  will  see  that  the  carri¬ 
ers  don’t  do  a  great  job  serving  that  mar¬ 
ket,"  Probe  Group’s  Hartman  says. 

Omnipod  has  no  regrets,  though.“We 
saved  ourselves  the  capital  expenditure 
and  a  lot  of  ongoing  operational  ex¬ 
penses,  and  yet  our  employees  are  enjoy¬ 
ing  all  the  advantages  and  flexibility  of  an 
IP-based  voice  network,”  Alexander  says. 

Breidenbach  is  a  freelance  writer  in 
Nevada.  She  can  be  reached  at  sbreide@ 
aol.com. 


More  online! 


Online  exclusive:  Find  out  why 
Centrex  users  aren’t  rushing  to  IP. 

DocFinder  8122 
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ACCELERATES 

GREAT  BUSINESS  DECISIONS 


Enterprise  Management  Associates  is  an  analyst  firm  focused  specifically  on  the  complex  issues  of  managing  IT  technologies.  We 
are  advisors  to  leading  IT  organizations  and  their  suppliers  around  the  world. 

EMA  uncovers  the  truths,  trends  and  challenges  facing  the  IT  community.  Our  knowledge  and  expertise  are  not  the  only  things 
that  differentiate  us.  EMA  helps  its  clients  stay  agile  in  the  dynamic  IT  industry  through: 

LEADING  INDUSTRY  AUTHORITIES  |  GROUND-BREAKING  RESEARCH  |  OPERATIONAL  ASSESSMENTS  |  ADVICE  ON  RFPs,  S LAs  AND  MORE 


Can  you  afford  NOT  to  make  great  business  decisions? 

Visit  us  at  www.enterprisemanagement.com 


2108  55th  Street,  Suite  1 10,  Boulder,  CO  80301 

Phone:  303.543.9500 

©  Enterprise  Management  Associates,  s  : 


ENTERPRISE  MANAGEMENT 

ASSOCIATES 


convert 


prospect 


Most  recently  a  300%  revenue 
increase  was  achieved  within 
a  24  month  time  frame  for 
the  Managed  IT  Solutions 
provider  RackFast.com 


Building  Success  for  our  clients 


retain 


since  1 998  with  proven  solutions 


that  result  in  noticeable  revenue 
and  productivity  increases. 
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■  CAREER  DEVELOPMENT 

■  PROJECT  MANAGEMENT 

■  BUSINESS  JUSTIFICATION 


Bidding  down 

Online  technique  for  purchasing  IT  goods  and  services  saves  companies  time  and  money. 


■  BY  JOHN  COX 

Network  executives  working  with  so-called 
reverse  auctions  for  IT  purchases  are  com¬ 
ing  to  a  surprising  conclusion  about  the 
benefits  of  this  online  purchasing  method. 
“It’s  not  just  about  dollars,”  says  Don 
Stevenson,  who  oversaw  a  recent  online 
reverse  auction  for  CMS  Energy  a  large  util¬ 
ity  company  in  Jackson,  Mich. 

CMS  has  found  that  reverse  auctions  not  only  lower 
prices  for  standard,  commodity-like  products,  but  also 
encourage  manufacturers  and  service  providers  to 
embrace  innovation. The  innovations  can  include  repack¬ 
aging  their  offerings,  improving  customer  service  and 
adopting  new  quality-of-service  standards. 

In  a  traditional  auction,  buyers  compete  to  bid  up  the 
price  of  an  object  they  want  from  the  seller.  In  a  reverse 
auction, sellers  bid  the  price  down  to  win  a  contract  with 
the  buyer.  Putting  the  process  online  lets  you  incorporate 
secure  Web  sites,  add  applications  to  track  and  rank  the 
sellers’ bids,  and  end  up  with  a  bid  that’s  detailed  enough 
to  form  the  basis  of  final  contract  negotiations. 

Reverse  auctions  have  reduced  prices  paid  for  goods 
and  services  by  an  average  of  15%  compared  with  tradi¬ 
tional  paper  bids,  according  to  a  2003  study  by  nonprofit 
group  CAPS  Research. 

The  study,  “The  Role  of  Reverse  Auctions  in  Strategic 
Sourcing,” also  found  that  the  online  process  cut  errors  by 
30%  to  60%,  and  in  a  few  cases  shortened  the  time  spent 
on  the  overall  process  by  up  to  90%.  According  to  the 
report,  construction  giant  Bechtel,  which  now  has  a  staff 
of  more  than  300  for  reverse  auctions,  has  reduced  con¬ 
tract  negotiations  from  weeks  to  hours.  But  Bechtel  notes 
that  successful  reverse  auctions  require  more  discipline 
in  internal  work  processes  and  a  better  understanding  of 
competitive  markets  than  sealed  paper  bids. 

Reverse  auctions  are  one  technique  companies  can  use 
to  make  their  supplier  relationships  more  efficient,  says 
Stewart  Beall,  director  of  executive  projects  at  CAPS 
Research.  Beall,  a  former  chief  purchasing  officer,  says 
reverse  auctions  seem  to  be  part  of  a  trend  to  use  Web- 
based  applications  to  change  paper-based  sourcing 
processes  into  more  efficient,  streamlined  “e-sourcing.” 

You  can  see  that  trend  at  CMS.  The  utility’s  purchasing 
department  started  using  reverse  auctions  a  few  years 
ago,  for  everything  from  cleaning  rags  to  front-end  load¬ 
ers, says  Stevenson,  who  is  network  technologies  manager 
at  CMS.  “There  was  quite  a  range  of  success  stories,”  he 
says.“Incumbents  were  reducing  prices,  and  new  compa¬ 
nies  were  breaking  into  our  supply  chain.” 


The  network  group’s  first  step,  not  yet  a  full  reverse  auc¬ 
tion,  was  to  use  an  electronic  procurement  system  to  take 
bids  for  the  entire  network  infrastructure  at  the  new  CMS 
headquarters.  The  utility  turned  to  Enporion,  an  e-market- 
place  created  for  and  by  electrical  and  gas  utilities.  Rather 
than  sending  out  and  receiving  reams  of  paper,  Enporion 
e-mailed  Microsoft  Word  documents  and  Excel  spread¬ 
sheets  to  buyers,  who  electronically  returned  bid  proposals. 

Last  year,  CMS  took  the  next  step,  opting  to  rebid  all  its 
vital  voice  and  data  services  through  a  reverse-auction 
service  from  Applied  Research  Technology  (ART).  Other 
options  for  conducting  online  auctions  include  investing 
in  third-party  and  internal  software  applications.  Glaxo¬ 
SmithKline,  based  in  the  U.K.,held  90  reverse  auctions  in 
2002  —  20  were  done  via  third-party  service  provider 
FreeMarkets  and  70  by  the  pharmaceutical  firm’s  internal 
staff,  according  to  the  CAPS  study 

At  CMS,  the  entire  process,  from  preliminary  planning  to 
final  contract  negotiations,  has  taken  almost  a  year.  “We 
had  to  decide  what  we  wanted,  and  then  after  we  got 
[the  online  bids],  we  had  to  evaluate  the  results,” 
Stevenson  says.  “We  had  very  high  [requirements]  for 
things  like  reliability  and  like  safety  for  example.” 

As  part  of  the  process,  ART  recommended  best  practices 
and  outlined  what  pricing  and  QoS  terms  CMS  could 


expect  in  each  area.  For  example,  ART  suggested  that  CMS 
pool  its  cellular  voice  minutes  so  if  one  person  in  the  com¬ 
pany  didn’t  use  all  his  allotted  minutes  in  a  month,  he 
would  become  available  to  someone  else  in  the  company 

One  advantage  of  CMS’s  Web-based  auction  is  how  visi¬ 
ble  it  made  the  bidding  process  to  all  parties,  according 
to  Stevenson.  Vendors  submitted  their  bids  in  electronic 
form,  either  via  EDI  formats  or  via  a  CD-ROM.  Next,  an  ART 
program  analyzed  the  submission  and  compared  it  auto¬ 
matically  with  the  requirements  in  the  RFP  Algorithms 
scored  different  elements  in  the  bid,  and  the  ranking  was 
then  published  to  a  Web  site  where  it  could  be  seen,  and 
compared  with  the  other  bids.  Vendors  began  changing 
their  bids  to  improve  their  score. 

CMS  currently  is  negotiating  final  terms  with  selected 
vendors,  so  Stevenson  won’t  be  specific  about  results.“We 
were  very  pleased,”  he  says. “We’re  in  a  far  better  situation 
[for  telecom]  than  we  were  before.”  Among  other  benefits, 
the  auction  yielded  some  attractive  cellular  pooling  plans. 

The  return  on  investment  is  manifest,  and  it’s  not  limited 
to  the  “per-widget  cost  savings,”  Stevenson  says.  ROI  in 
such  contracts  means  putting  a  value  on  things  like  a 
contract’s  “terms  and  conditions,”  or  on  having  an  “out- 
clause”  to  exit  a  service  that  isn’t  paying  off  for  the  utility. 

“We’ll  keep  using  this,”  Stevenson  says.  ■ 


Online  reverse  auctions  in  action 

Advanced  tools  and  third-party  expertise  from  companies  make  reverse 
auctions  easy  to  administer,  while  electronic  bid  submissions  speed  the 
process.  Bid  rankings,  displayed  online  for  all  to  see,  induce  bidders  to 
revise  their  proposals.  Here’s  what  an  online  auction  provided  by  Applied 
Research  Technologies  looks  like. 
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Non-price  terms  and 
conditions 

This  auction  scores  bids  on  1,500  non¬ 
price  terms,  such  as  service  uptime,  in 
a  global  telecom  contract  for  a  big 
financial-services  firm.  The  higher  the 
rank,  the  more  closely  the  carrier 
satisfies  the  firm’s  requirements.  Carrier 
A  is  lowest  ranked,  but  quickly  changes 
its  bid  to  score  higher,  though  Carrier  C 
continually  improves  its  highest  position. 


Analysis  tools 

Applied  Research  Technology  software  parses  out  the 
data  from  the  submitted  bids  into  packaged  reports  and 
ad  hoc  queries.  Here,  a  user  selects  items  from  different 
reports  for  different  bidders  to  compare  them.  Tlie 
software  will  create  and  display  the  resulting  report. 


Total-cost  ranking 

Six  carriers  change  their  bids  several  times  to  win  a  two-year  contract,  covering  17,500 
line  items,  for  wireless  and  related  services  with  a  Fortune  500  high-tech  firm.  The 
incumbent,  bidding  first  near  S35  million,  eventually  drops  to  about  $25  million. 


[Voice  Traffic]  Wireless  -  Si 
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Yes,  you  can  Switch 
Power  over  the  Internet 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

■  Web  Browser  Access  for  Easy  Operation 

■  Telnet  and  Serial  Access 

■  Encrypted  Password  Security 
ll  Five  Individual  Outlets 

■  Power-up  Sequencing 

■  On  /  Off  /  Reboot  Switching 

■  Versatile  Zero  U  Mounting 
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"Keeping  the  Net.. .Working!" 


Know  when  enough  is  enough 

...even  when  you're  not  there. 


Avoid  overloading 
circuits 

Monitor  the  current  draw 
as  you  install  equipment 

Protect  circuit  from 
unauthorized  use 

Turn  outlets  off  when  not  in  use 

Avoid  in-rush  current 
overload 

Outlets  are  turned  on 
sequentially 

Manage  power  via 
Network  Interfaces 

Built-in  Web,  SNMP,  Telnet 
support 
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APC's  advanced  Switched  Rack  Power 
Distribution  Units  let  you  feel  secure 
whether  you're  installing  equipment  or 
away  from  the  data  center. 

Now  you  can  remotely  control  power 
to  individual  outlets  and  monitor 
aggregate  power  consumption  via  local 

and  remote  displays.  Access,  configure 
and  control  the  APC  Switched  Rack  PDU 
through  Web,  SNMP  or  Telnet  interfaces. 

From  basic  power  distribution  to 
controllable  outlets,  APC  has  solutions  up 
to  5.7  kW  to  fit  your  IT  environment 
needs.  See  our  entire  line  of  rack  PDUs 
online  at  www.apc.com. 


Every  product  carrying  this  mark  has  been 
tested  and  certified  for  use  with  InfraStruXure* 
architecture.  Before  you  buy.  check  for  the  X  to 
guarantee  product  compatibility. 


Enter  to  WIN  a  FREE  APC  Rack  PDU  today. 

Vwthttpy/promojpcxom  Key  Code  n666y  •  Call  888-289-APCC  x6647  •  Fax  401-788-2797 

an  Corporation  All  Trademarks  are  Pie  property  of  the*  owners  E-mail  esupponQapcc  com  •  132  Fairgrounds  Hoad.  West  Kingston.  M  02892  USA 


With  over  15  million 
satisfied  customers, 

APC  s  Legendary  Reliability' 
guarantees  peace  of  mind. 


Legendary  Reliability* 
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■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 

■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 

■  SNMP  Capability 

■  Any-to-Any  Port  Switching 

■  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  1 1 5/230VAC  or  -48VDC  Models 

The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the  Visit  website  for  Complete  NetRedCh™  product  line. 

SCM-16  serial  outputs. 


There  is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER 


SUIT 


Quickly 

Prevent 


Observer 
* 995 


Expert 
Observer 
$ 2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  444  (0)  1959  569880  •  Fax  (0)  1959  569881 


NETWORK 

INSTRUCTS 


©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments"  and  the  “N  with  a  dot”  logo  are  registered  trademarks  ot  Network  Instruments,  LLC 
All  other  trademarks  are  property  of  their  respective  owners. 
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APC  KVM  Switches  give  you 
full  control  of  up  to  8  servers 
with  just  one  keyboard, 
monitor,  and  mouse 

APC  KVM  Switches  eliminate 
the  need  for  a  keyboard, 
monitor,  and  mouse  dedicated 
to  each  server.  Thus,  APC 
KVM  switches  can  reduce 
your  hardware  and  energy 
costs  while  saving  valuable 
rack  space. 

By  using  one  point  of  control 
for  up  to  64  servers,  APC 
KVM  switches  increase  the 
availability  and  manageability  of 
your  server  environment. 


Manage  and  View  64 
Servers  in  Just  2U. 


FEATURES  INCLUDE 

•  8  port  solution  supports  any 
combination  of  PC  (USB  & 

PS/2)  and  Sun  computers. 
Cascading  functionality  allows 
for  support  up  to  64  systems. 

•  Configure  and  control  your 
APC  KVM  Switch  with  On- 
Screen  Display. 

•  Hot  Pluggable  Operation 
enables  you  to  add  servers 
without  having  to  power  off 
the  switch  or  servers. 

•  Move  between  servers 
in  one  of  three  ways:  via 
the  push-buttons,  with  the 
scan  button  or  with  a 
keyboard  sequence. 


Combine  APC's 
Rack-mount  LCD 
Monitor  with  an  APC 
KVM  Switch  to 
control  and  monitor 
up  to  64  servers 
while  utilizing  only 
2U  of  rack  space. 
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IlnfraStTuXure 
I  "APC 


Every  product  carrying  this  mark 
has  been  tested  and  certified  for  use 
with  Infra StruXure  "  architecture. 
Before  you  buy,  check  for  the  X  to 
guarantee  product  compatibility. 


n 


Enter  to  WIN  a  FREE  APC  LCD  Monitor  today.  A  $2239  value! 

Visit  httpy/promojpcxom  Key  Code  n665y  •  Call  888-289-APCC  x6646  •  Fax  401-788-2797  j 

©2003 American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners.  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  j 


APC’s  Rack-mount 
LCD  Monitor  saves 
rack-space  and  provides 
instant  manageability 

As  floor  space  in  your  IT 
environment  becomes  more 
expensive  to  allocate,  you 
need  to  use  your  rack  space 
as  efficiently  as  possible. 

An  APC  rack-mount  LCD 
monitor/keyboard  drawer 
offers  you  the  same 
functionality  of  a  CRT 
monitor,  monitor  shelf, 
keyboard  and  drawer,  while 
using  only  1 U  (1 .75")  of 
rack  space. 

With  over  15  million  satisfied 
customers,  APC's  Legendary 
Reliability"  guarantees  peace 
of  mind. 


FEATURES  INCLUDE 


•  A  full  size  keyboard  with  104 
full  travel  keys  and 
integrated  number  pad. 

•  15"  LCD  monitor  with  on¬ 
screen  display  adjustments. 

•  Integrated  trackball 
eliminates  the  need  for  an 
external  mouse. 

•  Able  to  connect  to  a  server 
or  KVM  switch  via  a 
standard  VGA  connector. 


Legendary  Reliability* 


AX3A3EP-US 


I  to  IOOO  remote  servers  are  within  your  reach 


Over  IR  Fiberior  Cat  5 


c^ssT^ou r  s e rve r ( s )  from  ANYWHERE 
with  the  push  of  a  button!  1\ 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44  (0)  1264  850574 
+65  6324  2322 


WWW.ROSE.COM 


REMOTE  KVM  ACCESS  OVER  IP 

■  Connect  to  remote  computer  over  Ethernet  or  dial-up 

*  Single,  dual,  quad  models 

Local  KVM  port  to  access  computers  at  UltraLink  unit 

»  Modem  port  with  dial-back  security 
!»  Up  to  1280x1024  resolution,  supports  all  platforms 

■  Easy  to  install,  give  it  an  IP  address  and  run  the 
remote  client,  no  licensing  required 

■  Scaling  of  computer  image  reduces  amount  of  data 
sent  and  permits  fast  screen  updates  over  slow  links 

■  Quad  screen  mode  allows  you  to  see  four  servers 
from  one  screen 

■  SSL  security  and  passwords  prevents  unauthorized 
access 


CrystalView™  Mini 
CAT 5  KVM  EXTENDER 

♦  Extends  KVM  station  up  to  150 
feet  away 

♦  optional  serial/audio 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1280x1024  resolution 


CrystalView™ 

CAT 5  KVM  EXTENDER 

♦  Extends  your  KVM  station  up  to 
1000’  from  your  computer 

♦  Supports  PC,  Sun,  or  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600  xl  200  resolution 

♦  Available  as  standalone,  rack 
mounted,  or  high  density  chassis 


ELECTRONICS 

Rose  Electronics  ■  10707  Stancliff  Road  •  Houston,  Texas  77099 


CrystalView™  Pro 

DIGITAL  KVM  EXTENDER 

OVER  FIBER  OR  CAT  5 

♦  Extends  KVM  signals  up  to  33,000 
feet  away 

♦  Uses  only  two  fibers  or  single  Cat  5 

♦  Supports  DVIA/GA,  PC,  Sun,  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600x1 200  resolution 


CrystalView™  Rack 
CAT 5  KVM  EXTENDER 

♦  Extends  the  distance  from  6  or  1 2 
PC’s  up  to  1 000  feet  away 

♦  optional  serial/audio 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600x1200  resolution 
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Can  You  Find  the  Legitimate  Email? 


areat  Financing  for  your  Home  Improvement!  Attract  Women  Like  a  Playboy.  W32/Bugbear.A  Lose  Weight  NOW  $860  transfer  to  your  accc 
3ayroil  Information!  In  Order  to  be  Successful,  One  Must  Project  an  Image  of  Success!  Subscribe  Today!  FREE!  W32/BackOrifice2K  Incre 
Bet  a  Mercedes  for  Yourself.  Earn  Huge  $$$  Just  for  Browsing  the  Internet!  X97Yawn.A  FW:  Good  Stuff  Click  Here  to  Win  a  42  Inch  Plasm 
110,000  Waiting  for  You!  HUGE  Savings  and  Discounts  FW:  Good  Jokes!  Natural  Breast  Enlargement  W32/Scorpina  One  Minute  Auto  Los 
V  Sexy  Body  in  Just  Days.  RE:  Request  for  a  Cleaner  Credit  W32/SQLSiammer.A  Limited  Time  Offer!  Join  us  Today!  Chat  with  singles  in  y 
:WI:  Work  From  Home  and  Earn  Thousands  $  Viagra  Shipped  Overnight.  FREE!  Don't  Wait  Another  Day  12765  You  Are  Approved  for  a  N 
:orward  this  Email  to  Help  a  Poor  Child  in  Need  WM/Showoff.D  Register  NOW  for  a  Free  Vacation  WM/Npad.A  $$$  Earn  your  degree  in  C 
Tee  Credits  for  Your  Pet's  Medication!  INCREDIBLE  Offer!!!  Don't  Miss  JS/Cooisife.A  RE:  Access  your  PC  Anywhere.  I've  grown  a  size  bic 
174397  Tired  of  Dating?  I  Want  Action  Now!  W32/CodeRed  RE:  Important  Meeting  on  Tuesday  564TKD  Blow  Out  Sale!  kiko,hi  there  -  $25^ 
398M/Corner.A  FW:  Look  at  These  incredible  Pics!  Start  Earning  Dollars  Today!  Sick  of  Bad  Credit?  We  Will  Help  You!  Live  A_duit  WebCa 
Vhy  Pay  More  for  a  New  Car?  Grow  it  Like  a  Man...  $$  VBS/Districts.A  Russian  Women  Looking  for  Husbands  in  your  Area  [  hair  restorati* 
IE:  New  to  Your  Area  239654EE*43  Feel  Like  You're  18  Again!  FREE  Trials  for  Herbal  Viagra  X97M/Divi  WOW!  Out  of  Control!  NBA  pics  C 
become  a  Web  Marketing  Specialist  in  3  Days.  Low  Mortgage  Made  Easy!  University  Diplomas.  No  more  impotence!  New  3Meg  DSL  Serv 
Vin  a  Color  Laser  Printer  Win2K/Cluster.B  Your  Private  Gold  Mine  Invitation  j  Premium  Red  Hot  Action  Lowest  Rates  Online...  below  5%  o 
5rivate  delivery  to  your  home  Urgent  AC  #1289  RE:  wrestling  cops  W32/ILoveU.A  world’s  smallest  digital  camera  Make  some  serious  cast 


We  can. 

(By  the  way,  you  have  an  important  meeting  on  Tuesday.) 


%  VircoM 

www.vircom.com 


Rid  your  corporate  inbox  of  harassing  spam  and  viruses.  Today.  Forever. 


SENSAPHONE4 

IIV1ES 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Packet  Sniffing  Made  Simple 


Iris®  Network  Traffic  Analyzer 


•  Decoding  and  Reconstruction 
of  Network  Traffic 


•  Network  Activity  Monitoring 

•  Comprehensive  Traffic  Stats 


•  Keyword  Filtering 

•  Alerting  Capabilities 

uABli si 


i  &  View  £apture  Qecode  F Iters  loots  Help 
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20  mendark  (192.168.1.13 
^  TCP- >  HTTP  (80) 

Q  TCP->  POP3  (1 10) 
i-  ®  TCP-  >MSN  Messeng 
Ion]  TCP- >1307  (1307) 
ES9  TCP-  >  METBIOS-SSN 
15J  ZAPPER  (192.168.1.14) 
folil  TCP-  >  NETB10S-55M 
TCP- >  POP3  (1 10) 
TCP->  HTTP  (BO) 


Decode 


Hosts  activity  <  -  ♦  X 


No.  j  Date/Time  (H:P:V/h:ro:s:ms)  j  Ctent  Server 


*g0  10:13:2001/9:53:33:755  mendark  lw7fd  law7.hotnwil.msn. corn  (216  33.236.250)  1586 


H  f-'fO  Q  Ck  Ond 


\ ,  k  How  long  does  it  take 
flYSfl.  *  L  artists  to  get  discovered? 

otmail 


n 


Home  Inbox  Compost 


hcta&iiccm 

;  Seve  Addmaafes)  Bbck 

From:  mfo^aetfluc  ccw 

Ta  :  Qhc  tnuiLcoRt 

St&jftft  :  W«*v»  Ra»iv»d  TJw  «.***»  (2001)  -  8-t*  It  How' 

Da*:  Tn,  12  Oct  2001  09:51 :54  -0700  (PDT) 

Rtcl7  PjpIv  SU  ?«iv.md  Ctltit  I  Pul  in  Folae'  £] 


Pmrviamt  Neat  J  Cl/^ 


Sixties 

Links 
Hefc  4  I 


http://ads  msn.oofn/ads|nedre<rt.dlyCTCM)OOe2d747E  CPU:  0%  ■H33/2050  IP:  192.l68.I.!3MAr:  08:00:46:00  S3:E9  t&hit.r  ^  : 


Download  a  FREE  Whitepaper  and  FREE  Trial  of  Iris: 
www.eEye.com/Freelris  or  call  866.282.8276 


Iris  Network  Traffic  Analyzer  enables  instant  capturing,  decoding, 

<e> 

and  visual  reconstruction  of  network  activity. 
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10/100  BaseT  Ethernet 

IP  for  HTML,  SNMP  S 
Telnet  Management 


RS-232 
Serial  Management 


Link  Port 
(daisy  chains  to) 

Expansion  Module 


Power  Tower  XL 

•  Outlet  Grouping  across 
power  circuits 

•  Input  Current  Monitor 

•  New  HTML  GUI 

•  Power-up  Sequencing 

•  Zero  U  vertical  and  Rack- 
mount  horizontal  models 

•  Add  a  second  Power  Tower 
to  manage  32  power-ports 


»  .  v  i  v 


«  f.  Sentry  Power  Tower. 

Equipment  Cabinet  Solutions. 


'*■  ’A'* 

Server  Technology,  Inc. 

1040  Sandhill  Drive  Reno,  Nevada  89511  USA 

■gw*;-*  •  7^7 

Vreb:  www.servertech.com  toll  free:  1.800.835.1515 


dtSearch 


Instantly  Search 
Gigabytes  of  Text 


♦  Search  across  networks,  intranets,  and  web  sites 

♦  Publish  large  document  collections  to  web  or  CD/DVD 


♦  over  two  dozen  indexed,  unindexed,  fielded  and  full-text  search  options 

♦  highlights  hits  in  HTML  and  PDF  while  displaying  embedded  links,  formatting  and  IliiMlMI 


Web 


♦  converts  other  file  types— word  processor,  database,  spreadsheet,  email,  ZIP,  XML, 
Unicode,  etc.— to  HTML  tor  display  with  highlighted  hits 

♦  developer  products  have  easy  wizard-based  setup;  optional  API 


“Searches  at  blazing  speeds” 
-  Computer  Reseller  News 
Test  Center 


“Intuitive  and  austere  ...  a 
superb  search  tool”  -  PC  World 


In  the  past  year  alone,  over 
half  of  the  current  Fortune  10 
have  purchased 
developer  or 
network  licenses 


“Very  powerful ...  a  staggering 
number  of  ways  to  search” 

-  Windows  Magazine 


Spider 

♦  included 
with  Desktop, 
Network  and 
Web 


The  Smart  Choice  for 
Text  Retrieval  since  1991 


Text  Retrieval 
Engine 

♦  for  Win  &  .NET 

♦  for  Linux 

♦  call  for  pricing 


“Blindingly  fast”  -  Computer 
Forensics:  Incident 
Response  Essentials 

“A  powerful  text 
mining  engine  ... 
effective  because 
of  the  level  of 
intelligence  it  displays 
-PCM 

dtSearch  “covers  all  data 
sources ...  powerful  Web- 
based  engines”  -  eWEEK 

5eewww.dtsearch.com  for: 

♦  developer  case  studies 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 

sales@dtsearch.com 


Industrial-strength 
superb'-PC  M»g«tn 


c 

$800 


.0AS  •  COBAtr 


Tel:  408.727.1122 
Fax:  408.727.8002 

343  1  DE  LA  CRUZ  BLVD. 
WWW.RECURRENT.COM 


EeCEftR^t 

technologies,  inc. 
SANTA  CLARA,  CA  95054 
INFa@RECURRENT.COM 


For  More  Fnfortv>ation 
on  ad^er+mo^  Fo 
^etworfc  Worley  Market  Place: 
800-1*11-1108 
Jr^ya(eySnww«coM 
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We  Buy  New/Used 

CISCO 


714-878-2953 

Call  us  today  to  recover 
your  assets 

You  got  the  gear, 
we  got  the  cash! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWALL 
Security  Products! 

•  Inventory  on  hand 

•  Aggressive  prices 

•  Added  margins  with  training 

•  Pre  sales-Post  sales  support 

Securematics  is  a  SonicWALL  Authorized  Distributor 
And  Authorized  Training  Partner. 


To  sign  up  for  the  Medalion  Partner  Program,  please  contact  us. 


Call  -  888-746-6700  sales@securematics.com  www.securematics.com 


TuivTi 


NEW 


WRCA.NET 

,  800-699-9722 

|ae> 


Worldwide  Provider  of  Network  Merdwere  elnoe198t 


USED 


50%-90%  Discounts 

Cisco  Livingston  Ascend  Lucent 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Racketeer  Computone  Patton 
Extreme  Networks 

Modems  /  DSU  /  Muxes 

IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 

BUY  AND  SELL 

800-699-9722 
www.wrca.net 
AS5x  VOIP  /  EXS  2000 


'Ul 

OptimumDatalnc. 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fax: +1  402  575  2011 


www.optimumdata.com 


We 

Ui 


1 2Qi|qf^MilMnBw 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Networks 

'  J  ft  - 


CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


Cisco 

WS-C1924C-EN  Reg.  $350 


Fax  Equipment  List 
To  801-377-0078 

N0RTEL 

NETWORKS 


Bay  Networks _ 

CiitcSritnis 

I  3sl 


Cisco  2501  Reg.  $275 


caaeTRon 

_ SYSTem 


888-8LANWAN 

Call  for  Free  Quote!  (888-852-6926)  www.nle.com 


Certified-As-New 


One-Year  warranty 


►  Largest  warehouse  of  used  Cisco 

►  Highest  quality  and  lowest  prices 

►  Over  5000  satisfied  customers 


Call  or  email  for  a  fast  quote. 

800.438.3558 


sales@digitalwarehouse.com 


^  digitalwarehouse.com 


Systems/Features/Memory 

cunp 

EQUIMENT 

GBICs/Cables/Parts 

Also  Available:  Extreme,  Adtran 

In  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  #1  Network  Remarketer 


Fax  952*835*1927  www.comstarinc.com 


Network  Resource  Solutions,  Inc. 


NORTEL 


NETWORKS 

Cisco  Systems 


(wrrW 


BUY  &  SELL 


800-503-1350 

SALES@NETWORKRS.COWI 

www.usednortelnetworks.ccrr 

— ■— — u— — — — — r»gw— »  inu  .  -  ■>  * mm  mu  v*. 
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Advertising  Supplement 

IT  Careers:  Efforts  Target  Diversity  Hiring  in  IT  Profession 


Two  major  initiatives  are  pushing  the  role  of  minority 
hiring  as  the  information  technology  profession  gears  up  to 
add  people.  The  NAACP  and  Society  of  Hispanic 
Professional  Engineers  are  coordinating  with  SHOMEX,  one 
of  the  nation's  leading  diversity  job  fair  firms,  to  provide 
information  to  companies  and  professionals. 

According  to  Cristopher  Levy,  vice  president  of 
marketing  for  SHOMEX,  his  firm  pulsed  more  than  15,000 
companies  who  use  SHOMEX  to  identify  seven 
communities  to  implement  information  technology, 
information  systems  and  engineering  related  job  fairs.  The 
fairs  -  to  be  held  in  Boston,  Chicago,  Dallas,  Los  Angeles, 
Philadelphia,  Santa  Clara,  CA  and  Washington,  DC  -  will 
feature  a  range  of  high  tech  and  non-IT  companies.  "They 
are  consumer  products,  food  service,  and  large 
manufacturers  such  as  Northrop  Grumman  and  Raytheon," 
says  Levy.  The  job  fairs  reflect  SHOMEX's  effort  to  expand 
diversity  partnerships  in  the  major  metro  markets.  "We  will 
continue  to  work  with  NAACP  branches  and  state 
conferences,  but  will  also  expand  partnerships  with  the 
Urban  League,  LULAC,  BDPA  and  other  leading  diversity  groups. 

"Just  as  important  is  that  there  are  certain  key 
(geographic)  markets  to  watch  and  certain  sectors,  from 
security  and  defense  to  pharmaceuticals  and  health  care," 
Levy  says.  "And  while  our  business  model  has  long  been 
one  that  has  expertise  in  diversity  recruiting,  we're  seeing 
this  hiring  surge  as  a  reflection  of  economics  as  much 
as  ethnicity." 


During  National  Hispanic  Heritage  Month  (Sept.  15-0ct. 
15),  additional  focus  was  given  to  the  Hispanic  Engineering 
and  Information  Technology  report,  "Latinos  and 
Information  Technology:  The  Promise  and  the  Challenge." 
Commissioned  by  IBM  and  conducted  by  the  Tomas  Rivera 
Policy  Institute,  the  study  pinpointed  that  African- 


Americans,  Latinos  and  Native  Americans  make  up  1 5%  of 
the  total  U.S.  workforce.  However,  they  claim  only  6.7%  of 
computer  and  information  science  jobs  and  5.9%  of 
engineering  opportunities.  Just  as  important,  Latinos 
comprise  1.7%  of  the  U.S.  computer  science  faculty  and 
4.9%  of  the  engineering  faculty.  On  the  extreme  opposite 
side,  42%  of  Hispanic  youths  drop  out  of  high  school. 


Those  are  data  points  the  Hispanic  Digital  Divide  Task 
Force  is  out  to  change.  The  group  has  set  four  basic  goals  - 
to  assure  access  to  the  Internet  and  provide  for  its  use  by 
the  Hispanic  community;  provide  learning  opportunities  for 
computer  literacy;  develop  employment  opportunities  in  IT; 
and  analyze  institutions  and  individuals  who  can  help  lead 
the  effort. 

Serving  on  the  task  force  are  Victor  Cabral,  VP- 
Government  and  Hispanic  Affairs,  Verizon  Communications; 
Maria  Villar,  VP-eBusiness  Transformation  Planning,  IBM 
Corporation;  Ronald  Blackburn  Moreno,  President  and  CEO, 
ASPIRA;  Raul  Cosio,  VP-eBusiness  Transformation,  IBM; 
Antonio  Flores,  President,  Hispanic  Association  of  Colleges 
and  Universities;  Luis  Miranda,  President,  Miranda  y  Mas; 
the  Hon.  Silvestre  Reyes,  D-TX,  U.S.  House  of 
Representatives;  and  Carmen  Varela  Russo,  CEO,  Baltimore 
Public  Schools.  The  net  result  will  be  that  companies 
looking  to  reflect  the  footprint  of  their  companies  will  be 
seeking  technical  talent  from  a  diverse  pool,  one  that  is 
highlighted  by  the  task  force's  work  and  at  the  SHOMEX 
job  fairs. 

For  more  information  about  IT  Careers  advertising, 
please  contact: 

Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


Get  Ahead  In  Your  Career! 


Meet  Face-To-Face  With  Leading  Employers  At  The... 

CareernuR 


WASHINGTON,  DC 

Tues.,  October  21 
McLean  Hilton  Hotel 

7920  Jones  Branch  Drive  •  Tysons  Comer,  VA  22102 

Partial  List  of  Employers  Includes:  AT&T 
Government  Solutions.  DigitalNet,  EDS.  Federal 
Aviation  Administration,  First  Union/Wachovia. 
General  Dynamics.  General  Electric.  Jefferson 
Laboratory,  Merck,  Northrop  Grumman,  Orkland 
Corporation  and  SAIC. 


GREENBELT,  MD 

Thurs.,  October  23 
Martins  Crosswinds 

7400  Greenway  Center  Drive  •  Greenbelt,  MD  20770 

Partial  List  of  Employers  Includes:  Andrews 
Federal  Credit  Union,  Choice  Hotels 
International,  Computer  Sciences  Corporation, 
GlaxoSmithKline.  Honeywell  Technology  Solution, 
Perot  Systems  -  Government  Services,  Signia 
and  Starbucks  Coffee  Company 


Exhibit  Hours  for  Both  Events:  11:30am  -  4:30pm  •  Free  Admission 

Employers  -  To  exhibit,  please  call  Gloriann  Clark  at  310-309-4409 


For  the  latest  information,  visit  diuersitycareereNpos.com. 


Silicon  Laboratories  Inc.  is  hiring 
for  the  following  positions: 

Circuit  Design  Engr  -  Design 
analog  &  digital  circuit  for  data 
conversion  &  comm  apps;  Min 
req't:  MSEE  or  BSEE  +  5  yrs. 
exp. 

RF  Mixed-Signal  Design  Engr  - 
Design  RF  ICs  for  consumer 
electronic  wireless  comm  eqpt 
from  design  capture  &  layout  to 
test  &  evaluate  prototype; 
Minreq't:  MSEE  or  BSEE  +  5 
yrs.  exp. 

Sr.  Circuit  Design  Engr  -  Design 
analog  &  digital  ICs  for  con¬ 
sumer  electronic  wireline  comm 
eqpt  from  design  capture  &  lay¬ 
out  to  test  &  evaluate  prototype; 
Min  req't:  Ph.D.  EE. 

Complete  job  description  at 
www.silabs.com/careers.  Send 
resume:jobs_design@silabs.co 
m  or  HR  Dept.  4635  Boston 
Lane,  Austin,  TX  78735.  NO  IN 
PERSON  APPLICATION 


Software  consultancy  in  Keene, 
NH  seeking  a  SE  or  Prog / 
Analyst  with  Bachelors  in  CE, 
EE  or  rel.  1  yr  of  RDBMS 
(Oracle  or  mySQL)  experience  a 
must.Applicant  will  convert  pro¬ 
ject  specifications  and  state¬ 
ments  of  problems  and  proce¬ 
dures  to  detailed  logical  flow 
charts  for  coding  into  computer 
language.  Will  develop  and  write 
computer  programs:  will  analyze 
user  requirements,  design, 
code,  test,  debug,  implement 
and  upgrade  computer  security 
systems.  Will  primarily  analyze 
and  design  databases  and  must 
have  in-depth  knowledge  of 
relational  database  manage¬ 
ment  systems  such  as  Oracle 
and  mySQL.  Travel  required. 
Salary  45K  per  year  Send  2 
copies  of  your  resume  to:  Job 
Order  »  2003-313.  PO  Box 
989,  Concord.  NH  03302-0989 


Software  Engineer  (2  positions) 
-  Research,  design  and  develop 
computer  software  systems  in 
conjunction  with  hardware  prod¬ 
uct  development  applying  princi¬ 
ples  and  techniques  of  computer 
science,  engineering  and  math¬ 
ematical  analysis.  Design  and 
implement  computer  software 
systems  writing  Active  Server 
Pages  using  Visual  Basic. 
Various  unanticipated  locations 
throughout  the  U.S.  Requires 
Master  or  equivalent*  in 
Computer  Science,  Engineering 
or  Mathematics.  'Equivalent  is 
Bachelors  plus  5  yrs  exp. 
Requires  3-5**  yrs  exp  in  the  job 
offered  or  3-5"  yrs  exp  as 
Systems  Analyst,  Programmer 
Analyst,  Systems  Engineer.  "3 
yrs  exp  if  Masters  of  5  yrs  expe¬ 
rience  if  Bachelors.  Must  have 
1  -yr  exp  writing  Active  Server 
Pages.  5  day,  40  hr/wk, 
$78,000/yr.  Please  mail 
resumes  to  Workforce 
Development  Programs.  PO 
Box  46547,  Denver,  CO  80202 
and  refer  to  order  number 
C05058206. 


SYSTEMS  ANALYST  to  provide 
on-site  consulting  in  analysis, 
design,  development  and  imple¬ 
mentation  of  business  to  busi¬ 
ness  applications  on  IBM 
AS/400  using  COBOL,  RPG  and 
CL;  extensive  use  of  web  pro¬ 
gramming  tools  including  Java, 
HTML,  JavaScript,  Visual  Basic, 
Cold  Fusion  and  MS  SQL 
Server,  Oracle  and  MS  Visual 
Studio.  Require:  Bachelor,  or 
equivalent  (three  years  of  pro¬ 
fessional  experience  is  equiva¬ 
lent  to  one  year  of  college  level 
education)  in  Computer  Science 
and  two  years  experience  in  the 
job  offered  40%  travel  to  client 
sites  within  the  United  States 
required.  Competitive  salary 
and  benefits.  40  hours/week.  M- 
F.  Mail  resume  to:  Vice 
President.  Frontline  Consulting 
Services,  Inc.,  8701  Mallard 
Creek  Road.  Charlotte.  NC 
28262. 


Information  Systems  Coor¬ 
dinator  wanted  to  coordinate 
employer's  information  technol¬ 
ogy  needs,  including  hard¬ 
ware/software.  Analyze  employ¬ 
er's  information  technology 
needs  and  determine/implement 
necessary  solutions,  proce¬ 
dures.  Provide  system/data 
management  support  to  CAD / 
CAE/CAM/CMM  Group.  Work 
to  integrate  enterprise  wide 
information  system  to  include 
MAS90/W  system,  Microsoft 
Office  Suite,  Novell  and 
Windows  NT  network  operating 
systems,  bar  coding,  databases 
and  software.  40  hrs/wk,  8:00 
a  m.  to  5:00  p.m.;  $61,552.40/yr; 
Requires  Master's  Degree  in 
Computer  Science,  plus  4  yrs. 
exp.  in  Job  Offered  or  4  yrs.  exp 
as  Computer  Consultant  and/or 
Senior  Computer  Consultant. 
Send  resumes  to:  P.O.  Box 
11170,  Detroit.  Michigan  48202, 
Reference  No.  211309. 
Employer  Paid  Ad. 


COMPUTER 

PricewaterhouseCoopers  LLP’s 
Forensic  Technology  Solutions 
practice  has  opportunities  avail¬ 
able  for  experienced  profession¬ 
als  in  the  area  of  Computer 
Systems  Analyst.  Position 
requires  a  bachelor's  degree 
(master's  preferred)  in  CS  or  MIS 
and  1  to  5  yrs  related  exp , 
including  exp  with  database 
development,  application  devel¬ 
opment,  and/or  computer  foren¬ 
sics.  Job  site/location:  NY,  NY 
Interested  candidates  please  ref¬ 
erence  job  code  52YMD8  &  fax 
your  resume  to  MMR  at  267-330- 
4320  No  phone  calls  please 
Employer  will  only  consider 
applicants  authonzed  to  work  for 
any  employer  in  the  U.S. 
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Software  Analyst/Developers 
needed  at  client  sites  to  dsgn 
tech'l  architecture  for  Ig.  enter¬ 
prise  level  multi-tiered  applies 
addressing  critical  bus  re-engg 
needs  specific  to  telecom  indus¬ 
try  using  UML  processes  & 
Rational  Rose  2000.  Other  tools 
used:  XML  SPY,  IBM 
WebSphere  platform,  Unix 
Kernel  Prgmg  for  BSD,  Silk, 
Visual  Cafe,  WSAD,  &  Dsgn 
Patterns  among  others.  Apply 
to:  Global  Consultants.  Attn: 
Hireme,  25  Airport  Rd, 
Morristown.  NJ  07960. 


Programmer  Analyst  needed 
w/exp  in  s/w  application  mod¬ 
ules  using  UNIX,  Oracle, 
PL/SQL,  Java  &  ASP.  Create 
and  maintain  data  loading  map¬ 
pings  using  ETL-Informatica 
tool.  Create  run  &  support  web- 
based  Business  Intelligences 
using  Microstrategy  tool. 
Implement  version  control  using 
PVCS  &  other  available  tools. 
Develop  OSS  &  DSS  Reports 
using  Lotus  notes.  Send 
resumes  to:  E  Center,  Inc.,  5170 
North  53rd  St.,  Milwaukee,  Wl 
53218.  No  in  person  inter¬ 
views/resumes;  respond  by  Mail 
only. 


SBI  is  looking  for  the  following 
positions  for  its  offices  in 
Houston,  TX,  San  Francisco, 
CA,  Warren,  NJ,  Salt  Lake 
City,  UT  and  Portland,  OR: 
Art  Director,  Web  Designer, 
Programmer  Analysts,  Tech¬ 
nical  Architects,  Technical 
Consultants,  Business  Strate¬ 
gists,  Systems  Analysts,  Soft¬ 
ware  Engineers,  Software 
Developers,  resumes  by 
email  or  fax  only  to  HR,  SBI 
2825  East  Cottonwood  Park¬ 
way,  Suite  480,  Salt  Lake  City, 
UT  84121: 

careers@sbiandcompany.com; 
Fax  (801)  733-3201. 


Programmer  Analyst  need¬ 
ed  w/exp  in  multi-tier  soft¬ 
ware  applications  using 
Delphi,  XML,  SOAP, 
TIBCO,  XSLT,  Oracle  & 
SQL  Server.  Send  resumes 
to:  Triple  Point  Technology, 
Inc.  301  Riverside  Ave., 
Westport,  CT  06880.  No  in 
person  resumes/interviews; 
only  respond  by  mail. 


Health  Data  Analyst 

To  develop  and  implement 
analytic  health  projects,  per¬ 
form  analyses  on  data  from 
various  sources,  and  write 
custom  health  applications. 
Req.  Master's  degree  in  sta¬ 
tistics,  computer  engineering 
or  closely  related  fields,  and 
proficiency  in  SAS,  Oracle  & 
Access.  40hrs/wk.  Fax 
resumes  to  678-527-3009. 
Code  Data2003.  EOE 


Senior  Software  Engr  wanted  by 
legal  information  services  co.  in 
NYC  to  perform  systems  design, 
prgrmng  &  testing  of  applica¬ 
tions  and  to  provide  support  for 
JDEdwards  One  World  and 
other  applications.  Experience  in 
Oracle,  SQL  &  JDEdwards  One 
World  ERP,  distribution  and 
financial  systems,  and  'C'  pro¬ 
gramming  using  JDE  API's. 
Resumes  to  CT  Corporation 
Systems,  111  8th  Ave,  NY,  NY 
10011. 


GeoTomo  LLC.  (Houston,  TX)  is 
seeking  a  Java3D  Software 
Engineer  to  develop  graphic 
visualization  tools  for  geophysi¬ 
cal  application  software  using 
Java3D  programming.  Send 
resume  to  810  Highway  6  S., 
#220,  Houston,  TX  77079/281- 
597-1 20 1(F)/281 -597-1 429(T). 
Attn:  Kendall  Lemke. 


COMPUTER 

Integral  Vision  is  seeking  soft¬ 
ware  engineers.  Duties  include: 
develop,  upgrade  &  maintain  its 
software.  Require:  BS  in  com¬ 
puter  science  or  related  major 
field,  5  years  of  experience  in 
relation  database  (Access,  SQL 
&  Oracle),  Gov.  DOT  Document 
workflow  processes  knowledge 
and  Project  Management  expe¬ 
rience.  Please  send  resume  and 
salary  requirement  to:  3176 
Lucas  Drive,  Suite  200, 
Lafayette,  CA  94549  attn:  HR  or 
email  to: 

Jobs@integralvision.com 


IT  Manager:  Develop  soft¬ 
ware  appls;  program  & 
maintain  billing/medical 
software.  Bachelors/equiva¬ 
lent  in  Comp.  Sc./ 
Engineering  w/rel.  exp. 
Resume  to  HR,  Healthcare 
America  Med.  Group,  3501 
Cortez  Rd.,  Bradenton,  FL 
34210. 


Comp.  Enng.:  Design,  develop, 
and  implement  software  sys, 
incl.  HR,  financial  and  web- 
based  sys  using  Oracle 
9i/Rpts/Designer.  CPFR, 
MSSQL  Server,  Java,  etc  3  yrs 
exp.  in  job  offd  or  related  pos. 
w/same  duties  &  BS  in  Comp. 
Sci.  Lib  Sci.  (w/comp.  related 
coursework)  or  related.  Contact: 
SP  Software,  12320  Clairmonte 
Ave.,  Alpharetta,  GA  30004. 


Software  Developer 
Develop  customized  IT  solutions 
based  on  a  client's  needs  and 
business  environment.  Must 
have  Bachelors  Degree  in 
Computer  Science  or  foreign 
equivalent  or  in  a  related  field  & 
2  yrs.  exp.  or  2  yrs.  exp.  in  a 
related  position  w/ability  to  use: 
SQL,  Visual  Basic,  Oracle 
PL/SQL,  COM+  and  MS-Excel. 
40.0  hrs./wk  8:00  AM  *  6:00  PM 
Applicants  send  cover  letter  and 
resume  to:  SRA  Systems,  1945 
Cliff  Valley  Way,  Suite  270, 
Atlanta,  GA  30329,  Attn:  S. 
Nagarajan 


Software  Engineer:  Design, 
develop,  implement  &  maintain 
web  based  global  systems  appli¬ 
cation  allowing  online  accesses 
to  the  client's  products  &  ser¬ 
vices.  Manage  &  architect  a 
solution  that  integrates  the 
clients  entire  information  system 
using  C,  XML,  XSLT,  JavaScript, 
HTML,  DHTML,  Java,  Lotus 
Notes  5.0,  lotus  Domino,  Lotus 
Script  and  Windows  NT/98.  Exp 
to  test  &  generate  reports,  user 
training  &  customizing  of  prod¬ 
ucts.  Req  BS  in  Comp.  Sci. 
Engg/Rel  field  with  2  yrs  exp. 
Wages:  $72,000/yr,  40  hrs/wk, 
8am-5pm.  Send  2  resumes  to: 
Case#200203256,  Labor 

Exchange  Office,  19  Staniford  St. 
1st  Fl„  Boston,  MA  02114. 


Seismic  Micro-Technology,  Inc. 
(Houston,  TX)  is  seeking 
Applications  Engineer.  6  mon. 
exp.  in  using  cubic  spline,  trian¬ 
gulation,  and  minimum  curvature 
algorithms.  Send  resume  to  8584 
Katy  Fwy,  #400,  Houston,  TX 
77024  or  713-464-6440(F).  Attn: 
Manager  of  HR 

Castilian  Imports,  Inc.  (Houston, 
TX)  is  seeking  a  Computer 
Support  Specialist  to  analyze, 
develop,  test,  and  maintain  busi¬ 
ness  applications  software  using 
Bar  Code  system,  SFC  system, 
Inventory  Control  system,  SQL 
Commands,  and  EDI.  1  yr.  exp. 
Send  resume  to  22008  N. 
Berwick,  Houston,  TX  77095/281- 
858-1 922(F).  Attn:  Hower  Shen. 


COMPUTER  SYSTEMS  HARD¬ 
WARE  ANALYST  sought  by  oil  & 
gas  remote  monitory  systems 
co.  in  Houston,  TX.  Must  have 
M  S.  in  Electrical  Engineering  or 
M.S.  in  Electrical  &  Computer 
Engineering,  plus  exp.  Respond 
by  resume  only  to:  Ms.  L.  Brown, 
R/P-#10,  Mgr.,  V  Monitor,  lnc„ 
1000  Old  Katy  Rd.,  Houston,  TX 
77055. 


Infogen  is  seeking  IT  profession¬ 
als.  Req.  BS.  Skills  in  following 
area  are  plus:  Oracle9i. 
Weblogic  /  WebSphere,  C++, 
Visual  C++,  VB,  COM,  STL, 
MTS,  MSMQ,  ASP,  Java,  HTML, 
XML,  MTS,  MSMQ,  ADO,  UML. 
Travel  is  required.  Send  resume 
to  infojobs@infogeninc.com. 

Comp  Consults  is  looking  for 
programmer/system  analysts, 
engineers  or  IT  consultants.  Our 
minimum  requirement  is  BS  plus 
some  experience  in  following 
area:  Oracle,  Unix,  C/C++,  VB, 
Java,  J2EE,  EJB,  XML, 
XSL/XSLT.  Please  send 
resumes  to: 

immg@compconsults.com  EOE 


Regional  Sales 
Manager  west  coast 


IT  Careers  has  an  exciting  opportunity  for  a  high¬ 
ly  motivated  and  seasoned  sales  professional  to 
join  our  team.  This  Regional  Manager  will  be 
responsible  for  selling  integrated  recruitment 
advertising  packages  consisting  of  Print  (within 
our  network  of  publications),  Online  and 
Recruitment  Event  Show  Booths,  as  well  as  other 
products  as  they  become  established.  Emphasis 
will  be  on  generating  revenue  by  developing  new 
accounts,  but  this  individual  will  be  responsible 
for  growing  existing  accounts  and  servicing 
recruitment  ad  agencies  ensuring  that  IT  Careers 
is  top  of  mind.  The  candidate  will  be  the  part  of  a 
sales  team  working  to  set  the  territory  strategy, 
therefore  collaborative  selling  skills  are  critical.  In 
addition,  this  person  must  have  a  solid  under¬ 
standing  of  the  IT  recruitment  market,  be  an 
effective  communicator  and  negotiator  and  have 
a  proven  record  in  sales.  Minimum  of  5+  years  of 
outside  sales  experience  required,  preferably  in 
recruitment  advertising  sales.  This  position  will 
be  based  in  the  candidate’s  home  office  on  the 
west  coast.  Travel  is  required. 


If  interested,  please  email  a  resume  to 
jcjobs@idg.com  or  fax  to  (508)935-4600. 
Please  include  code  ITC922  in  the  subject 
line. 


IT 


n a yppre 


Comp:  S/w  Engr,  Progmr 
Analysts,  Database  Analyst, 
Syst  Analyst,  Ntwk  Admin,  for 
NH  IT  firm.  Bach  +1  yr  exp  for 
Jr.  Lvl  posi's  &  Mast  +2  yrs  or 
Bach  +  5  yrs  of  exp  for  Sr.  Lvl 
position.  Skill  req:  Oracle,  VB, 
Oracle  Clinical,  PL/SQL, 
SQL'Plus,  Java,  JDBC,  Java 
Servlets,  JavaScript,  RMI,  JFC, 
Swing,  Java  Beans,  C/C++,  Win 
NT/2000,  MS  Access  2002, 
UNIX,  Shell  Scripting,  DBA. 
Dream  weaver,  Websphere, 
Web  logic,  Web  db,  MS  Access 
2002  TOAD,  HTML,  DHTML, 
ASP,  XML,  Rational  Rose.  Apply 
w/2  copies  of  resume  to  HRD, 
Software  Research  Group,  Inc., 
75  Gil  Crest  Rd,  Apt  #  200, 
Londonderry,  NH,  03053 

Database  Admin  -  Design,  con¬ 
figure,  install  and  administer 

Oracle  databases  utilizing  AQ. 

OID,  VLDB,  OEM,  RMAN 

Oracle  9IAS,  etc.;  2  yrs  exp.  in 

job  offd  or  related  and  B.S.  in 

Comp  Sci,  Enng  or  related.  Exp. 

ref.  req'd.  Send  res:  Anid 

Infosoft,  2204  Haley  St.,  Oxford, 

MS  38655. 

PeopleSoft  Programmer: 

2yrs  technical  exp.  in 

PeopleSoft.  Develop  inter¬ 
faces/reports  using  People 

Tools,  PeopleCode  on 

HRMS/FIn/Distrib  modules. 

BS  (Computer  Science)  or 

equiv.  pref.  Mail  resumes: 

Navo  Systems,  1150 

Hancock  St.,  4th  Fir, 

Quincy,  MA  02169 

COMPUTER 

PricewaterhouseCoopers  LLP's 
Internal  Firm  Services  practice 
has  opportunities  available  for 
an  experience  Enterprise 
Messaging  Manager,  Positions 
require  5  yrs  related  exp., 
including  in-depth  knowledge 
and  experience  with  Lotus 
Notes  administration,  Unix,  NT 
Operating  systems;  and  SMTP 
messaging.  Job  site/location: 
Tampa,  Florida  Interested  can¬ 
didates  please  reference  job 
code  473TSG  &  fax  resume  to 
PwC  US  IT  Recruiting  at  813- 
348-7980.  No  phone  calls 
please.  Employer  will  only  con¬ 
sider  applicants  authorized  to 
work  for  any  employer  in  the 
U.S. 

Database  Administrator  needed 
w/exp  in:  Oracle  Database  & 
SQL  Server  Configure  database 
Fail-Over  using  MC/Service 
Guard  &  Veritas  clusters. 
Database  tuning  using 

Statspack,  Oracle  Enterprise 
Manager  &  Precise.  Use  SQL 
Back  Track,  RMAN,  Export  & 
Import,  Multi  Master  Replication 
&  Standby  Database  methods. 
Design  database  for  DSS  & 
OLTP.  Prepare  shell  scripts 
using  Kshell,  Cshell  &  Perl. 
Send  res.  to:  Global  Information 
Technology  Services,  LLC., 
7067  East  Chestnut  Hill  St., 
Littleton,  CO  80130.  No  in-per- 
son  resumes/interviews:  only 
respond  by  mail. 

Computer  Software  Associates 
(ICSA)  is  looking  for  software 
engineers,  system/programmer 
analyst  with  skills  in  J2EE,  Java. 
Websphere,  Visual  Age,  Oracle, 
SQL,  VB,  ASP,  ASP  Net,  VB  Net. 
DB2,  Unix  BS  or  equivalent 
required  Please  contact  raghu- 
ponnala@icsa-us  com.  EOE 

IT  specialists  wanted  by 
ARWANO,  Inc  for  various  posi¬ 
tions  using  Oracle,  SQL.  VB. 
C/C++,  SAP.  Web  technology, 
Java,  JavaScript.  We  are  small 
but  stable.  Minimum  is  BS 
degree  IT  experience  preferred 
Travel  required  for  some  posi¬ 
tions.  Please  apply  at 
waseem@arwano.com,  EOE, 

NWO3102OE/W/MW  3 
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Technical  Manager 

"technical  Manager  (elT). 
Durham,  NC.  Manage  and 
advise  technical  staff  in  the  elT 
Delivery  Group,  inch  developers, 
analysts  and  consultants 
Ensure  coding  guidelines  and 
Change  Management  process¬ 
es  are  in  place  and  adhered  to. 
Strategically  direct  the  team  on  a 
global  level,  utilizing  under¬ 
standing  of  Intranet  and  Extranet 
platform  technologies  and  of 
tech,  and  business  issues  of 
customer  base.  Provide  leader¬ 
ship  to  team  in  tech,  consulta¬ 
tion,  analysis  and  design, 
dvpmt.,  implem.,  and  tech,  sup¬ 
port  for  eBusiness  projects. 
Provide  time  and  cost  estimates 
for  tech  aspects  of  projects. 
Ensure  that  technical  implemen¬ 
tation  adheres  to  standards  and 
that  services  are  suitable  for 
turnover  to  Operations  staff. 
Stay  abreast  of  new  technolo¬ 
gies  as  they  arise.  Req.: 
Bachelor's  degree  or  foreign 
equiv.  in  Computer  Science  or 
related  engineering  field. 
Minimum  of  3  year  experience 
required  in  job  offered  or  as  web 
developer  including  3  years 
experience  in  the  following, 
which  may  have  been  obtained 
concurrently:  Plumtree,  Verity, 
Netegrity  and  Interwoven: 
NT/IIS  administration  ASP, 
HTML,  XML,  Java,  Javascript, 
ODBC  and  MTS;  intranet  and 
Extranet  technical  experience 
including  portals,  search  ser¬ 
vice,  web  hosting  platforms  and 
taxonomies;  and,  project  man¬ 
agement  and  technical  consult¬ 
ing  for  web  applications  in  a 
business  environment. 

GSK  is  dedicated  to  an  innova¬ 
tive  workplace  and  supports  you 
w/career  long  opportunities  & 
learning.  We  offer  a  competitive 
benefits  and  compensation 
package.  For  confidential  con¬ 
sideration  please  forward  2 
copies  of  your  resume  to:  BHG 
Box  28228,  220  E.  42nd  St„ 
14th  FI.,  NY.  NY  10017. 
Indicating  ad  code  "TM"  is 
essential.  Principals  only,  no 
agencies.  We  are  an  Equal 
Opportunity  Employer  M/F/DA/. 


COMMUNICATION  SYSTEMS 
ENGINEER  (Weston,  FL): 
Propose  solutions  to  improve 
and  enhance  existing  hardware 
and  software  telecommunication 
architectures.  Design,  develop, 
test,  implement  and  analyze 
technical  products  and  systems 
focused  on  wireless  technology 
(Wireless  Internet  platform  - 
(WAP  Technology)).  Min.  of  (1) 
Bachelor's  degree  or  equiv.  in 
Electrical  Engrg.  or  Electronics 
Engrg.;  (2)  3-yr  experience  in 
job  offered  or  3-yr  experience  in 
wireless  telecommunications 
engrg.  in  Telecommunications  & 
Wireless  Industry;  (3)  Exp¬ 
erience  must  include  design  and 
development  of  system  in 
Wireless  Internet  Platform  (WAP 
technology),  and  standards  and 
technologies  of  UMTS  GPRS, 
GSM,  CDMA  IS-95  and  SMS. 
40hr/wk;  9am-6pm.  Mon-Fri. 
Pis.  send  2  resumes  to 
HR/OCF-cp,  Consis  Inter¬ 
national,  L.C.  1900  N 
Commerce  Parkway,  Weston. 
FL  33326. 


Spectral  Genomics,  Inc. 
(Houston,  TX)  is  seeking  for  (1) 
Bioinformatics  System  Engineer 
to  develop  company's  bioinfor¬ 
matics  system.  1  yr  related  exp. 
in  statistical  and  pattern  recogni¬ 
tion  algorithm  development 
using  Labview,  Oracle.  Solans, 
and  Linux. 

(2)  Bioinformatics  System 
Analyst  to  develop  company's 
bioinformatics  system  using 
Rational  Rose.  UML,  JDBC, 
EJB,  Rosetta  net.  Weblogic. 
XML,  Java  Servlets  and  QA 
Tests.  1  yr  related  exp.  Send 
resume  to  8080  North  Staduum 
Dr.  Houston,  TX  77054  713- 
797-0203(F)/71 3-797-0092(T). 
Attn  Tom  Martin 


SENIOR  DATABASE  ADMINIS¬ 
TRATOR  (ORACLE  /  MS-SQL)  - 
An  international  company  head¬ 
quartered  in  the  Boston  area, 
and  engaged  in  the  research, 
development,  marketing  and 
sale  of  state-of-the-art  imaging 
media  and  devices,  has  an 
immediate  need  for  a  highly 
skilled  Senior  Database 
Administrator  (Oracle/MS-SQL). 
This  senior  specialist  position  is 
responsible  for  new  database 
creation,  Oracle  7-8i  application 
development  support,  and  man¬ 
agement  of  approximately  22 
separate  corporate  Oracle  7-8i 
and  MS-SQL  databases,  many 
of  which  are  mission-critical 
requiring  24-hour/7-day  on-call 
availability;  this  non-managerial 
position  is  also  responsible  for 
mentoring  application  develop¬ 
ers  and  support  personnel.  The 
position's  duties  involve  the 
design,  implementation, 

upgrade,  diagnosis,  real-time 
failure  correction  and  support 
Oracle  databases  on  both  Unix 
and  NT  platforms;  the  design, 
implementation,  diagnosis,  and 
support  of  MS-SQL  databases; 
the  writing  of  scripts  in  UNIX 
Shell,  Perl,  and  PL/SQL  pro¬ 
gramming  languages;  the  instal¬ 
lation,  upgrade  and  support  of 
Oracle  in  an  SAP  environment; 
and  the  set  up  and  support  of 
Oracle  Standby  database  and 
split-mirror  database  backup. 
Minimum  education  require¬ 
ments  include  a  Bachelor's 
degree  in  Computer  Science, 
Mathematics,  or  other  job-rele¬ 
vant  major.  Minimum  experi¬ 
ence  required  is  8  years  involv¬ 
ing  the  design,  development  and 
implementation  of  database 
applications,  at  least  three  years 
of  which  specifically  included 
Oracle  database  administration. 
Base  annual  salary  is  $83,000 
together  with  contributory  med¬ 
ical  and  dental  plan,  life  and  dis¬ 
ability  insurance's,  employer- 
paid  vacation,  and  other  indus¬ 
try-competitive  benefits. 

Qualified  applicants  respond 
with  two  (2)  copies  of  resume 
only  to:  Case#  200203250, 
Labor  Exchange  Office,  19 
Staniford  Street,  1st  Floor, 
Boston,  MA  02114. 


Senior  Engineer  (Senior 

Software  Engineer):  Design  and 
develop  the  persistence  tier  for 
the  company  product  line. 
Design  and  implement  the 
reporting  subsystem  for  the 
company  product.  Work  on  sev¬ 
eral  projects  in  the  early  stage  of 
development  and  perform 

research,  design,  coding  and 
testing  for  the  project. 

Requirements  include  a 
Master's  degree  or  equivalent  in 
Computer  Science,  an 
Engineering  discipline  or  related 
field  and  three  years  of  work 
experience  in  the  job  offered  or 
related  field  of  software  engi¬ 
neering.  Experience  must 
include  knowledge  of:  Solaris, 
Linux,  C++,  Java,  SQL, 
Javascript,  MS  Interdeve  and 
ASP  Applicants  must  have 
unrestricted  authorization  to 
work  in  the  United  States. 
Salary  $96, 624/year.  40 

hours/wk  Respond  with  two 
copies  of  resume  to  Case 
#200203095,  Labor  Exchange 
Office,  19  Staniford  St..  1st  FI., 
Boston,  MA  02114 


COMPUTER 

Semantic  Space  has  a  continu¬ 
ing  need  for  multi  skilled  IT  pro¬ 
fessionals  Positions  available 
are  Software  Engineers  with 
net,  VBScript.  Jscript,  ASP.net 
skills;  Programmer/Analyst, 
Project  Leader/Manager  with 
extensive  experience  in  IT 
industry.  Send  resume  to:  100 
Pacifica.  #270,  Irvine,  CA 
92618.  Attn:  HR  or  fax  to  949- 
789-7334 


Senior  Software  Engineer-  Work 
hands-on  in  the  development 
lifecycle  of  e-health  technolo¬ 
gies,  including  design,  imple¬ 
mentation,  testing  and  mainte¬ 
nance  of  enterprise  software 
application,  GUI,  backend,  and 
stand  alone  applications,  soft¬ 
ware  components  and  applica¬ 
tion  servers  for  the  healthcare 
industry.  Develop,  testing,  and 
maintain  software  components, 
middleware  containers,  and  web 
services  to  confidentially  and 
securely  manage  patient  infor¬ 
mation.  Develop  tools  and  tech¬ 
nologies  for  document  publish¬ 
ing  and  management,  semantic 
processing  and  content  extrac¬ 
tion.  Work  with  application  of 
authentication,  cryptography 
and  public  key  infrastructure 
techniques  and  methodologies 
in  developing  secure  transac¬ 
tions  with  the  company's  busi¬ 
ness  partners  and  clients.  Use 
knowledge  of  various  XML  tech¬ 
nologies,  Java  and  C/C++, 
object  oriented  design  and  web 
development  technologies. 
Requirements  include  a 
Master's  Degree  or  equivalent  in 
Computer  Science,  an 
Engineering  discipline  or  related 
field  and  three  years  of  experi¬ 
ence  in  the  job  offered  or  related 
field  of  web-based  application 
development  including  Java, 
XML  and  C++.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States. 
Salary  $85, 561/year.  40 

hours/wk.  Respond  with  two 
copies  of  resume  to  Case 
#200203251,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston,  MA  02114 


Power  Electronics  Engineer: 
Design,  develop  and  test  IGBT 
and  MOSFET  based  power  con¬ 
verters  to  include  inverters,  DC- 
DC  converters,  power  supplies 
and  frequency  converters  for 
motor  drives,  distributed  power 
applications  such  as  fuel  cells 
and  other  industrial  applications 
in  the  5kW  to  1  MW  power  range. 
Design,  develop  and  test  DSP 
based  controllers  using  analog 
and  digital  devices.  Design, 
develop  and  test  new  power 
conversion  and  control  topolo¬ 
gies  and  concepts.  Use  power 
electronics  and  controls  model¬ 
ing  tools  to  include  Simulink, 
Pspince  and  other  related  simu¬ 
lation  tools.  Requirements 
include  a  Master’s  degree  or 
equivalent  in  Electrical  Eng¬ 
ineering  or  related  field  and  two 
years  of  work  experience  in  the 
job  offered  or  related  field  of 
design,  analysis,  development 
and  testing  of  power  converters 
in  the  range  of  5  kW  to  1  MW. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $83,590/ 
year.  40  hours/wk.  Respond 
with  two  copies  of  resume  to 
Case  #200203128,  Labor 
Exchange  Office,  19  Staniford 
St.,  1st  FI.,  Boston,  MA  02114 


Programmer  Analyst  w/exp  in 
using  Oracle,  MS  SQL,  MS  SQL 
Server  under  Windows  &  Unix 
environment.  Implement  GUI 
solutions  using  VC++,  VB, 
Active  X.  VBA  and  Win  32API. 
Send  resumes  to:  Apollo 
Consulting  Services  Corp.,  One 
Copley  Parkway.  Suite  430, 
Morrisville,  NC  27560.  No  in  per¬ 
son  resumes/interviews;  only 
respond  by  mail. 


Infobahn  Technologies  has 
immediate  full  time  openings  (2 
positions)  for  Software 
Engineers  to  design,  develop, 
test  &  implement  web  services  & 
databases  to  the  client's  prod¬ 
ucts  &  services  using  .Net  tech¬ 
nologies  (ASP  Net,  VB.  Net,  C 
Sharp),  C++,  XML,  XSLT,  UML. 
PL/SQL,  T-SQL.  Shell  Scripting. 
Java  &  tools  such  as  Source 
Safe,  Clearcase,  Filemaker  Pro. 
Back-end  development  skills 
using  Oracle,  SQL  server.  Req 
BS  in  Comp.  Sci.  Engg/Rel  field 
with  2  yrs  exp.  Send  resumes  to: 
Infobahn  Technologies,  (HR) 
288  Walnut  St.  #410  Newton, 
MA  02460. 


Programmer  Analyst  needed 
w/exp  in  client/server  &  n-tier 
applications  using  Delphi,  XML, 
HTML,  ASP,  TCP/IP,  IIS,  Star 
Team,  COM/DCOM,  Active  X  & 
MTS,  Sybase,  MS  SQL  Server, 
TSQL,  ERwin  &  Cast  SQL- 
Builder  &  TCP  Trace.  Use  Quick 
Reports  &  Crystal  Reports.  Send 
resumes  to:  Triple  Point 
Technology,  Inc.  301  Riverside 
Ave.,  Westport,  CT  06880.  No  in 
person  resumes/interviews;  only 
respond  by  mail. 


Database  Design 
Analyst/Project  Lead  for 
s/ware  co  in  Manhattan, 
NY.  Must  have  Master's 
in  Comp  Sci  or  reltd  field 
&  2yrs  exp  in  job  offerd. 
Send  resume  to: 
recruit@ftisoft.com  &  re: 
DDAP 


is  the  place  where 
your  fellow  readers 
are  getting  a  jump 
on  even  more  of  the 
world's  best  jobs. 

Now  combined  with 
CareerJournal.com, 
You  have  more  jobs 
to  choose  from.  Stop 
in  for  a  visit  and 
see  for  yourself  at: 
www.itcareers.com 
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(800)  762-2977 


You  can  find  a 
better 

JOB 
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behind  your 
back. 


Just  point  your  mouse 
to  the  world’s  best 
IT  careers  site, 
powered  by 
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Check  us  out  at: 
www.itcareers.com 

or  call 

(800)  762-2977 
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It's  crunch  time  for  WAN  managers.  The 
snap-back  of  budgets  and  the  sting  of 
expectations  now  demand  new  answers  from 
you.  Solutions  like  identity-based  services. 
Bandwidth  optimization.  VoIP  that  works. 
VPNs  that  fit.  True  enterprisewide  WAN 
benefits  that  are  evident,  effective,  efficient 
and  excuse-free. 

It's  time  for  WANs:  Answering  the  Demand  for  Optimized  Services,  the  new  Network  World 
Technology  Tour  event  focused  on:  disciplined  bandwidth  management,  caching  and 
compression.  Optimized  services  that  run  over  your  established  infrastructure.  Access  you 
can  control,  partition  and  protect.  Metered  monitoring  you  can  evaluate  in  real  time. 
Standards  that  finally  deliver  long-delayed  benefits  to  VPNs  and  VoIP.  The  WAN  challenge 
has  never  been  greater.  And  you  need  to  meet  it  head  on.  Act  now!  Optimize  the  benefits 
you  deliver  enterprisewide. 


"MAXIMIZE  THE  VALUE." 

FOCUS  OUR  SPENDING. 
"GET  IT  DONE  NOW." 


PRESENTER: 

Jim  Metzler 

President, 

Ashton,  Metzler  &  Associates 


A  make-or-break  event  for: 

►  Vice  Presidents,  Network/IT 
Directors  and  Managers  of: 

Planning,  Design,  Architecture, 
Engineering,  Communications 


Top  Takeaways: 

►  bandwidth  optimization  techniques 
and  how  to  apply  them 

►  hype-free  VPN  analysis  and 
disciplined  deployment 

►  bullet-proof  VoIP  strategies 
and  practical  tactics 


Advance  Reservation  by  Qualified  Professionals  is  Required 
for  Complimentary  Attendance 

REGISTER  NOW! 

Online  at  www.nwfusion.com/events/wan2  or  call  1-800-643-4668 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  WAN 
products  and  services. 


PLATINUM  PRESENTING  SPONSORS: 


Cisco  Systems 


EXPAND 


rks 


GOLD  EXHIBITING  SPONSOR: 


NetCefera ))) 


VISUAL 


N  E  T  W  O  R  K  S' 


To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D' Amato  at  508-490-6520  or  adamato@nww.com 
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EMC's  acquisitiveness 

A  sampling  of  EMC’s  acquisitions  shows  how  the  company  has  integrated  technologies 
and  products. 


Company  acquired 

Date 

Price 

Description 

Legato 

2003 

$1.3M 

Ability  to  integrate  backup/recovery,  information  life-cycle 
management  into  existing  products.  Deal  only  went  through 
this  week;  doubts  about  partner/hardware  impartiality. 

BMC  Software’s 
Patrol  Storage 
Manager 

2003 

Not  disclosed 

Acquired  customer  base.  Discontinued  product. 

Astrum 

2003 

Not  disclosed 

Software  integrated  into  storage  resource  management.. 

Prisa 

2002 

$20M 

SAN  management;  gained  small-and-midsize-business  product. 

Filepool 

2001 

$50M 

Basis  for  Centera;  strong  revenue  producer. 

Luminate 

2001 

$50M 

EMCLink;  gained  remote  application/perfomance  monitoring. 

CrossStor 

2000 

$300M 

Gained  IP  knowledge.  IP4700  failed  to  gain  market  share. 

Conley 

2000 

$300M 

Software  became  EMC  PowerPath;  important  to  SANs. 

Terascape 

2000 

$50M 

Acquired  integrated  storage  performance  tuning. 

Data  General 

1999 

$1 .1 B 

Clariion  storage;  gained  good  mid-range  storage  business. 
Discontinued  non-commoditized  servers;  incompletely  integrated 
management  interface  between  Clariion,  Symmetrix;  integration 
took  too  long. 

Softworks 

1999 

$192M 

Product  integrated  into  EMC  ControlCenter  software. 

EMC 

continued  from  page  1 

asset  and  Web  content  manage¬ 
ment  and  collaboration  to  EMC’s 
portfolio.  In  addition,  the  acquisi¬ 
tion  gives  EMC  a  pipeline  into 
Documentum’s  customer  base, 
which  includes  companies  such 
as  Dow  Coming,  Ford  and  Mor¬ 
gan  Stanley  Dean  Witter. 

The  question,  analysts  and  cus¬ 
tomers  say,  is  whether  EMC  will 
give  Documentum  the  autonomy 
it  needs  to  serve  not  only  EMC’s 
storage  customers,  but  also  to 
continue  to  evolve  its  content 
management  products. 

“For  sure,  Documentum  will 
gain  additional  financial  and 
technical  wherewithal  from 
EMC,  which  will  perhaps  help  it 
further  beat  out  competition 
and  improve  the  product,”  says 
Jim  Nasr,  CEO  of  business  and 
technology  at  consulting  firm 
Armedia.  “However,  I  wonder 
whether  the  Documentum/EMC 
Centera  combination  will 
become  the  de  facto  Docu¬ 
mentum  sales  pitch  to  come 
and  force  clients  to  choose  a 
‘package  deal’  as  opposed  to 
what  they  really  want.  [This 
approach  would  be]  similar  to 
what  IBM  did  with  Lotus  Notes 
after  that  acquisition,  when 
seemingly  every  IBM  custom 
solution  needed  to  include 
Lotus  Notes.” 

Customers  and  partners  also 
wonder  whether  EMC  will  suc¬ 
cessfully  bridge  the  hardware/ 
software  company  cultural  divide 
that  might  be  the  greatest  chal¬ 
lenge  to  smoothly  integrating 
Documentum  into  its  fold. 

“The  only  thing  is  at  some  point 
in  time  the  cultures  end  up  trick¬ 
ling  together,”  says  Elaine  Price, 
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president  and  CEO  of  business 
continuity  services  provider  CYA 
Technologies.  CYA  is  a  partner  to 
EMC  and  Documentum.The  com¬ 
pany  also  uses  Documentum 
internally  to  manage  the  life  cycle 
of  its  product  development 
processes. 

“In  the  old  days,  companies 
would  take  on  the  behavior  of  the 
acquirer,”  Price  says.  “In  order  to 
be  successful,  the  companies 
have  to  be  able  to  run  separately’ 

For  its  part,  EMC  says  Docu¬ 
mentum  and  its  1,100  employees 
will  become  the  foundation  of  a 
separate  subsidiary  which  will  be 
headed  by  Documentum  Presi¬ 
dent  and  CEO  Dave  DeWalt.This 
approach  is  much  like  EMC’s 
treatment  of  Legato,  which  it  es¬ 
tablished  as  a  separate  business 
unit  led  by  David  Wright,  Legato’s 
CEO.  The  Legato  acquisition, 
which  increased  EMC’s  data  re¬ 
covery  and  life-cycle  manage¬ 
ment  capabilities,  is  expected  to 
close  this  week. 

Independence? 

And  while  EMC  says  hard¬ 
ware/software  independence 
will  underpin  its  acquisition  of 
both  Documentum  and  Legato, 
analysts  are  skeptical  and  point 
out  that  EMC’s  track  record  is 
spotty  when  it  comes  to  inte¬ 
grating  the  products  of  acquisi¬ 
tions  and  living  up  to  hardware 
independence. 

“The  only  way  EMC  will  make 
this  successful  is  if  they  let  Docu¬ 
mentum  continue  to  do  their 
own  thing  and  have  them  work 
with  the  Centera  group,”  says 
Brian  Babineau,  an  analyst  for 
Enterprise  Storage  Group.  “EMC 
must  keep  Documentum  sepa¬ 
rate  from  its  traditional  business 
to  avoid  distraction, as  historically 
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the  company  has  been  less  than 
perfect  in  integrating  outside  enti¬ 
ties  into  the  EMC  culture. 

“EMC  can  optimize  Documen¬ 
tum  to  work  with  Centera,  but 
Centera  also  needs  to  work  with 
FileNet,  KVS  and  Optika,”  he  says. 
“The  last  thing  EMC  needs  to  add 
is  a  hardware  agenda.” 

EMC  is  making  every  effort  to 
ensure  that  its  products  work  with 
a  variety  of  systems,  saying  it  will 
only  integrate  its  products  with 
Documentum’s  at  the  API  or 
package  bundle  level. 

“We  aren’t  going  to  be  doing 
any  direct  combination  of  prod¬ 
ucts;  we  aren’t  going  to  change 
any  partnerships.  Centera  is  going 
to  remain  open  to  Documentum 
competitors,”  says  Mark  Lewis, 
executive  vice  president  and  CTO 
for  EMC. 

Last  week  the  company  an¬ 
nounced  a  partnership  with  Doc¬ 
umentum  competitor  FileNet  to 
manage  regulated  records. 

Challenges 

At  the  same  time,  Documentum 
will  face  challenges  of  its  own. 
The  integration  process  likely  will 
set  Documentum  off  course  for 
about  a  year,  analysts  suspect,  giv¬ 
ing  competitors  such  as  Inter¬ 
woven,  FileNet  and  Open  Text  an 
opportunity  to  gain  share  on  the 
market  leader. 

But  analysts  also  tell  customers 
to  expect  more  consolidation  in 
the  content  management  market 


as  companies  such  as  Oracle  and 
other  storage  vendors  take  a 
close  look  at  bolstering  their  con¬ 
tent  management  capabilities. 

Another  area  of  concern  for 
Documentum  customers  is  what 
products  EMC  will  choose  to  no 
longer  develop  or  support. 

“There  is  a  good  chance  that 
some  of  the  current  partner  prod¬ 
ucts/solutions  that  are  offered  as 
a  part  of  the  Documentum  suite 
will  be  squeezed  out  by  EMC,  par¬ 
ticularly  around  Documentum 
storage  or  business  continuity/’ 
Armedia’s  Nasr  says. 

Alan  Felz-Sharpe,  vice  president 
of  research  at  Ovum,  adds  that 
features  such  as  Documentum’s 
collaboration  technology  which  it 
acquired  from  eRoom  last  year, 
might  become  less  relevant. 

“It  becomes  more  of  a  ‘How  do 
I  manage  this  mass  of  content?”’ 
he  says.“This  is  where  the  two  sto¬ 
ries  don’t  add  up  quite  so  much. 
Documentum  is  very  much 
about  being  a  dynamic,  live  col¬ 
laborative  environment. . .  .That’s 
not  really  all  that  connected  to 
storage.” 

Analysts  also  say  that  EMC  will 
have  to  work  hard  to  integrate 
document  and  record  manage¬ 
ment  with  storage  management 
to  give  customers  a  means  of  pro¬ 
visioning,  migrating,  managing 
and  archiving  data  based  on  its 
value.  EMC  says  it  plans  to  turn 
content  management  into  just 
another  part  of  its  ubiquitous  stor¬ 


age  management  strategy 

“The  acquisition  allows  us  to 
manage  and  bring  structure  to 
unstructured  data,”  EMC’s  Lewis 
says.  “The  fundamental  thing  our 
customers  told  us  is  ‘you  want  to 
help  us  manage  data,  you  want  to 
do  information  life-cycle  manage¬ 
ment,  you  need  to  give  us  a  hook 
that  lets  us  put  in  business  poli¬ 
cies  and  the  rules  when  we  create 
the  data.’  ” 

EMC  says  that  80%  of  data  is 
unstructured,  and  Document¬ 
um’s  DeWalt  says  that  workers 
spend  40%  of  their  time  search¬ 
ing  for  this  data.  Integrating  the 
content  management  capability 
with  storage,  analysts  say,  is  a  nat¬ 
ural  fit. 

“EMC  has  validated  the  idea 
that  content  management  com¬ 
panies  should  be  looking  more 
seriously  at  storage,”  says  Joe 
Martins,  a  partner  at  Data 
Mobility  Group.  “Storage  admin¬ 
istrators  are  using  completely 
separate  sets  of  tools  [from  con¬ 
tent  management]  and  moving 
files  around . People  start  talk¬ 

ing  about  information  life-cycie 
management.  But  if  you  look  at 
the  core  of  information  life-cy  cle 
management,  it’s  almost  identi¬ 
cal  to  what  content  manage¬ 
ment  has  been  saying  for  the 
longest  time.”  88 
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BackSpin 


Mark  Gibbs 


Business-process  insanity 


colleague  who  we’ll  call  Mr.X 
ordered  a  computer  from  Dell. 
A  few  days  later  he  noticed  a 
Dell  ad  in  PC  World  offering  a  nearly 
identical  machine  for  $300  less. 

Not  a  man  to  hold  back, Mr.X 
called  Dell  and  spoke  to  a  customer 
service  representative  and  explained 
that  he’d  like  the  reduced  price  for  the  machine  that 
had  shipped  but  had  not  yet  arrived.The  rep  put  him 
on  hold  and  when  he  came  back  said  he  could 
offer  a  $50  refund. 

When  Mr.  X  asked  why  he  would  settle  for  that,  the 
rep  upped  the  offer  to  $75,  then  sweetened  it  further 
by  offering  to  throw  in  a  digital  camera.“No  thanks,” 
said  Mr.X,“l  have  one.”“How  about  a  printer?”  asked 
the  rep.“Nope,”said  Mr.X, “I’ve  got  one  of  those  too.” 

Mr.  X  was  by  now  half-expecting  to  be  offered  a 
ham,  but  the  rep  put  him  on  hold  again  before  com¬ 
ing  back  with  his  best  offer  ...wait  for  it .  ..$125! 
“AHHHHHHHHH,”said  Mr.X. 

So  the  rep  said  Mr.X  could  refuse  delivery  at  no 
cost  and  simply  reorder  the  machine  at  the  lower 
price.The  stupidity  of  this  might  have  been  evident 
to  the  rep,  but  he  said  his  hands  were  tied. 

Finally  a  supervisor  got  involved  and  said  the 
maximum  she  could  offer  was  $263  and  conceded 
that,  in  fact,  the  best  choice  for  Mr.  X  was  to  cancel 


and  reorder,  which  he  did. 

So  Dell  pissed  off  a  customer,  spent  untold  dollars 
in  customer  support  time  and  swallowed  the  ship¬ 
ping  costs  (both  deals  included  free  shipping)  to 
send  out  and  back  the  first  computer  and  then  ship 
out  the  new  machine.  Oh,  and  the  company  made 
$300  less  in  the  process.  I  would  guess  that  profit  on 
this  sale  is  now  a  distant  memory. 

What  is  sad  about  this  story  is  that  it  is  not  unusual. 
Similar  tales  of  business-process  insanity  can  be 
found  at  any  number  of  vendors  and  service  compa¬ 
nies  (you  probably  have  one  or  two  of  your  own). 

Six  months  ago  I  was  trying  to  sort  out  why  for 
three  months  Verizon  had  managed  to  charge  me 
for  three  different  calling  plans,  none  of  which  I  had 
ordered. 

It  became  obvious  that  the  Verizon  customer  rep 
was  severely  limited  by  the  billing  system,  and  when 
I  asked  whether  she  had  regular  meetings  with  man¬ 
agement  to  discuss  how  well  the  system  worked 
and  how  it  could  be  improved  she  told  me  they 
never  had  a  chance  to  give  feedback.  I  was  amazed! 
How  can  you  improve  business-process  efficiency 
without  talking  to  the  people  at  the  pointy  end  of 
the  operation? 

Over  the  past  few  months  whenever  I  have  to  grap¬ 
ple  with  customer  service  for  any  large  organization 
1  have  asked  the  same  question  about  management 
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feedback  and  received  exactly  the  same  answer: 
Management  does  not  talk  to  customer  reps! 

And  these  are  the  same  organizations  that  spend 
millions  of  dollars  on  CRM  solutions,  workflow  sup¬ 
port  systems  and  groupware.  What  it  points  out  is 
that  all  of  these  technologies  are  being  applied  as 
bandages  that  are  far  too  small  for  the  scores  of 
gaping  wounds  in  the  organizations  business 
processes. 

And  the  problem  for  IT  groups  is  the  inability  of 
the  technology  solutions  to  fix  the  larger  business 
problems  making  it  look  like  these  are  your  prob- 
lems.“We  spent  how  much  on  IT  and  still  have  these 
kinds  of  nightmares?”  the  CEO  shrieks. 

Of  course  you  do,  Sparky.  Because  no  matter  how 
good  the  technology  is  it  will  be  limited  by  the  peo¬ 
ple  who  are  negligent  in  providing  the  link  from  the 
customer-facing  side  of  the  operation  back  to  the 
planning  and  management  side.  And  you  can’t 
expect  IT  to  fix  fundamental  problems  caused  by 
managers  simply  not  communicating  with  their  staff. 

So  Mr.X  will  get  his  computer  a  few  days  later 
than  planned  for  $300  less,  Dell  will  be  out  perhaps 
$500,  and  my  money  is  on  Dell  learning  nothing 
from  the  whole  fiasco. 

Can  your  company  learn ?  Confessions  to  backspin 
@gibbs.  com. 
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News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Even  in  Weblogs . . . 

We  all  agree  that  the  Internet  is  the 
eighth  wonder  —  on  a  good  day  —  but 

imagine  how  much  more  wondrous  it  would  be  if  so  many  of  the  people  who  use  it 
weren't  greedy,  self-centered  morons. 

The  thought  occurred  —  again  —  as  I  read  an  internal  memo  from  my  colleague 
Adam  Gaffin  about  the  Weblogs  we  publish  on  Network  World  Fusion  (www.nwfu 
sion.com).  As  you  know,  Weblogs  are  hotter  than  black  vinyl  car  seats  in  August. 
And  while  reasonable  people  can  disagree  about  whether  media-affiliated 
Weblogs  should  be  edited  (absolutely)  and  whether  blogging  will  change  life  as 
we  know  it  (absolutely  not),  this  much  should  be  beyond  debate:There’s  a  special 
black  vinyl  car  seat  in  hell  for  spammers. 

Until  they  singe  their  fannies  in  the  afterlife,  however,  spammers  will  continue  to 
discover  new  ways  of  foisting  their  crap  upon  the  rest  of  us:  Weblogs  being  only 
the  latest  vehicle. 

Gaffin  reports  having  recently  spent  an  hour  of  his  weekend  deleting  “comment 
spam"  from  our  Weblogs  and  those  that  he  oversees  at  Boston  Online  —  www. 
boston-online.com  —  your  one-stop  shop  for  information  about  all  things  Boston. 

“I've  just  installed  something  called  MT-Blacklist  that,  if  it  works,  should  protect 
our  Weblogs  from  spam,”  Gaffin  told  us.  "Basically,  when  somebody  tries  to  post 
a  comment,  MT-Blacklist  checks  the  URL  and  the  message  body  against  a  black¬ 
list  of  banned  words  and  URL  fragments  and,  if  it  finds  a  banned  word,  tells  the 
user  (or  spambot):  ‘Bzzt,  wrong  answer.Try  again’  (or  words  to  that  effect). 
Naturally,  the  spammers  will  try  to  get  around  the  blacklists,  but  the  software  lets 
you  import  blacklists  from  other  sites,  so  maybe  we  can  keep  a  step  ahead  of 
them." 

What’s  particularly  galling  about  comment  spam  is  that  it  is  not  so  much 
intended  to  con  the  feeble-minded  into  buying  get-rich-quick  schemes  and 


snake  oil,  but  aims  instead  to  boost  the  spammer's  Google  rating.  One  factor  in 
determining  where  a  site  ranks  in  a  Google  search  on  any  particular  word  or 
term  is  the  number  of  other  sites  that  link  to  the  one  containing  that  word  or 
term.  More  links  means  a  higher  ranking,  so  spammers  have  taken  to  seeding 
Weblogs  with  links  that  have  no  legitimate  business  being  ther*e. 

Hence  the  need  for  tools  such  as  MT-Blacklist.  Blogger  Jay  Allen’s  labor  of  love, 
MT-Blacklist  works  only  with  the  blogging  application  MovableType  and  can  be 
downloaded  at  www.jayallen.org/projects/mt-blacklist/. 

"This  software  is  here  for  the  taking,”  Allen  tells  his  readers.  "You  do  not  have  to 
pay  a  dime  for  it.  It  makes  me  happy  just  to  know  that  I've  helped  so  many  people." 

Thanks,  Jay. 

Your  work  number  is  'personal? 

How  can  an  internal  company  telephone  directory  be  considered  "personal" 
information  worthy  of  privacy  law  protection?  Don't  ask  me. 

The  question  springs  from  an  Oct.  10  Wall  Street  Journal  story  headlined: 
"Europe's  New  High-Tech  Role:  Playing  Privacy  Cop  to  the  World.”The  gist  was 
that  stringent  privacy  protections  in  Europe  are  prompting  U.S.  multinationals  to 
fall  in  line  whether  or  not  such  attitudes  prevail  here. 

The  featured  anecdote  recounted  efforts  by  General  Motors  to  distribute  its 
internal  phone  directory  to  GM  facilities  and  business  partners  worldwide. 

No  can  do,  said  the  European  privacy  cops. 

GM  appealed.  We're  talking  about  business  phones,  it  told  those  authorities. 

The  cops  wouldn't  budge,  meaning  GM  had  to  move  heaven  and  earth  simply  to 
let  its  employees  find  each  other’s  workplace  phone  numbers. 

The  story  did  not  explain  why  business  numbers  would  be  considered  personal 
information  —  even  by  privacy-crazed  Europeans  —  and  my  own  efforts  to 
find  out  this  week  failed. ...  So  please,  if  you  know,  enlighten  me. 

My  address  is  not  considered  personal  information:  buzz@nww.com. 


The  NetVanta  3000  Series  from  ADTRAN  . 


Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

sss 

Stateful  Inspection  Firewall 

✓ 

$$$ 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Quality  of  Service  (QoS) 

✓ 

✓ 

VLAN  Trunking 

✓ 

✓ 

Virtual  Private  Networking  (VPN) 

$ 

$$$ 

Dial  Backup 

$ 

sss 

PBX  Connectivity 

$ 

$$$$$ 

Unlimited  Telephone  Support 

✓ 

$$$ 

Free  Maintenance  Releases 

✓ 

Not  Available 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  T1  voice  and  data  communications 
for  50%  less  than  you’re  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  1 00%  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sale) ,  free  maintenance  upgrades, 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router 
today.  And  start  getting  more  out  of  your  router  dollar. 

Why  pay  more? 


Test  your  CLI  knowledge!  Receive  a  free  T-Shirt! 

www.adtran.  com/inf o/wh  ypa  ymore 


877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRANl" 


Copyright (D 2003  ADTRAN  Inc.  All  rights  reserved  ADTRAN  and  NetVanta  are  trademarks  of  ADTFAN,  Inc. 
Five-year  warranty  applies  only  in  North  Amenca.  EN65A100603NW 


Tivoli  software 


See  how  much  storage  you  have. 
See  how  much  storage  you  need. 
See  it  adjust  without  doing  a  thing 


Tivoli  Storage  Management  helps  optimize  your  storage  systems.  Underutilized  space  is  automatically 
identified.  Nonessential  data  is  easily  eliminated.  It’s  an  integral,  affordable  complement  to  server 
consolidation,  and  it’s  compatible  with  most  current  storage  systems.  For  more  on  this  award-winning 
software  and  to  download  Tivoli  Storage  Resource  Manager  trial  code,  visit  ibm.com/tivoli/seeit/tsrm 


IBM.  Tivoli,  the  e-business  logo  and  e-business  on  demand  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  United  States  and  or  other 
countries.  Certain  restrictions  will  apply  to  your  use  of  this  software  Winner,  ARC  Award.  August  2003.  Please  visit  the  Web  site  for  governing  terms  and  Conditions  Your  results  may  differ 

ft  2003  IBM  Corporation  All  rights  reserved. 
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